Search CVE reports
1 – 10 of 39 results
CVE-2024-32752
Medium priorityUnder certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and configuration.
1 affected packages
icu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icu | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2020-21913
Low priorityInternational Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
7 affected packages
firefox, icu, mozjs38, mozjs52, mozjs68...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| firefox | — | Not affected | Not affected | Not affected | Not affected |
| icu | — | Not affected | Not affected | Fixed | Fixed |
| mozjs38 | — | Not in release | Not in release | Not affected | Not in release |
| mozjs52 | — | Not in release | Not affected | Not affected | Not in release |
| mozjs68 | — | Not in release | Not affected | Not in release | Not in release |
| mozjs78 | — | Not affected | Not in release | Not in release | Not in release |
| thunderbird | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-30535
Medium priorityDouble free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
2 affected packages
chromium-browser, icu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | Not affected | Not affected | Fixed | Ignored |
| icu | — | Not affected | Fixed | Not affected | Not affected |
CVE-2020-10531
Medium priorityAn issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
2 affected packages
chromium-browser, icu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed | Fixed |
| icu | — | — | — | Fixed | Fixed |
CVE-2018-18928
Medium priorityInternational Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.
2 affected packages
chromium-browser, icu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | Not affected | Not affected |
| icu | — | — | — | Not affected | Not affected |
CVE-2017-17484
Medium priorityThe ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of...
1 affected packages
icu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icu | — | — | — | — | Not affected |
CVE-2017-15422
Medium prioritySome fixes available 9 of 13
Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an...
3 affected packages
chromium-browser, icu, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed | Fixed |
| icu | — | — | — | Not affected | Fixed |
| oxide-qt | — | — | — | Not in release | Ignored |
CVE-2017-14952
Medium priorityDouble free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.
1 affected packages
icu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icu | — | — | — | — | Fixed |
CVE-2017-7868
Medium prioritySome fixes available 4 of 5
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.
1 affected packages
icu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icu | — | — | — | — | Fixed |
CVE-2017-7867
Medium prioritySome fixes available 4 of 5
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.
1 affected packages
icu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icu | — | — | — | — | Fixed |