2 matches found
CVE-2020-21913
The CVE-2020-21913 entry concerns ICU-20850 (ICU 66.1) containing a use-after-free in pkg_createWithAssemblyCode (tools/pkgdata/pkgdata.cpp). IBM’s security bulletin links this ICU issue to IBM Db2, stating multiple ICU-related vulnerabilities affect Db2 and providing affected versions (DB2 10.5....
CVE-2025-5222
CVE-2025-5222 is a stack buffer overflow in the ICU library’s SRBRoot::addTag. Connected advisories indicate affected packages across distributions include ICU itself and dependent packages (e.g., nodejs and icu packages) with versions below patched releases (e.g., nodejs < 20.14.0-10, nodejs1...