Astra Linux – Vulnerability in Chromium

The double-free operation in the ICU of Google Chrome before version 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

icu: Stack buffer overflow in the SRBRoot::addTag function

A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...

CVE-2025-5222

A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...

Medium: icu

Issue Overview: International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkgcreateWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp. CVE-2020-21913 Affected Packages: icu Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

SUSE CVE-2013-2924

Use-after-free vulnerability in International Components for Unicode ICU, as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

SUSE CVE-2016-7415

Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode ICU through 57.1 for C/C++ allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a long locale string...

SUSE CVE-2017-7868

International Components for Unicode ICU for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utextmoveIndex32 function...

ICU: Integer overflow in UnicodeString::doAppend()

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

CVE-2020-10531

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

Google Chrome International Components for Unicode for C/C++ Denial of Service Vulnerability

Google Chrome is a web browser developed by Google, Inc.International Components for Unicode ICU for C/C++ is a Unicode-supported, software internationalization, globalization C/C++ library. ICU for C/C++ in Google Chrome versions prior to 40.0.2214.91 A security vulnerability exists in the Regul...

ICU: regexp engine incorrect handling of a zero length quantifier

The Regular Expressions package in International Components for Unicode ICU 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via vectors related to a...

Moderate: Red Hat Security Advisory: icu security update

Updated icu packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The International Components for Unicode ICU library provides robust and full-featured Unicode...