VYPR

rpm package

opensuse/icu&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/icu&distro=openSUSE%20Tumbleweed

Vulnerabilities (5)

  • CVE-2025-5222HigMay 27, 2025
    affected < 77.1-3.1fixed 77.1-3.1

    A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.

  • CVE-2020-21913Sep 20, 2021
    affected < 73.2-2.1fixed 73.2-2.1

    International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.

  • CVE-2020-10531Mar 12, 2020
    affected < 73.2-2.1fixed 73.2-2.1

    An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

  • CVE-2008-1036Jun 2, 2008
    affected < 69.1-2.3fixed 69.1-2.3

    The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cros

  • CVE-2007-4770Jan 29, 2008
    affected < 69.1-2.3fixed 69.1-2.3

    libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption