CVE-2020-21913
https://notcve.org/view.php?id=CVE-2020-21913
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
References:
https://github.com/unicode-org/icu/pull/886
https://lists.debian.org/debian-lts-announce/2021/10/msg00008.html
https://unicode-org.atlassian.net/browse/ICU-20850
https://www.debian.org/security/2021/dsa-5014
CWE-416: Use After Free
CVE-2020-10531 – ICU: Integer overflow in UnicodeString::doAppend()
https://notcve.org/view.php?id=CVE-2020-10531
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
References:
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html
https://access.redhat.com/errata/RHSA-2020:0738
https://bugs.chromium.org/p/chromium/issues/detail?id=1044570
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08
https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca
https://github.com/unicode-org/icu/pull/971
https://lists.debian
CWE-190: Integer Overflow or Wraparound
CWE-787: Out-of-bounds Write
CVE-2018-18928
https://notcve.org/view.php?id=CVE-2018-18928
International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.
References:
https://bugs.chromium.org/p/chromium/issues/detail?id=900059
https://github.com/unicode-org/icu/commit/53d8c8f3d181d87a6aa925b449b51c4a2c922a51
https://unicode-org.atlassian.net/browse/ICU-20246
CWE-190: Integer Overflow or Wraparound