0.001 Low
EPSS
Percentile
44.1%
icu is vulnerable to denial of service. The vulnerability exists due a use after free in the pkg_createWithAssemblyCode function in pkgdata.cpp which allows an attacker to crash the application by providing a malicious input.
pkg_createWithAssemblyCode
pkgdata.cpp
github.com/unicode-org/icu/pull/886
lists.debian.org/debian-lts-announce/2021/10/msg00008.html
secdb.alpinelinux.org/edge/main.yaml
unicode-org.atlassian.net/browse/ICU-20850
www.debian.org/security/2021/dsa-5014