VYPR

ICU for C/C++

by Unicode

CVEs (3)

  • CVE-2017-14952CriOct 16, 2017
    risk 0.64cvss 9.8epss 0.05

    Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.

  • CVE-2017-11362CriJul 17, 2017
    risk 0.64cvss 9.8epss 0.03

    In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact…

  • CVE-2018-18928Nov 4, 2018
    risk 0.00cvss epss 0.03

    International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.