Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 39 results


CVE-2024-32752

Medium priority
Not affected

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller is susceptible to Machine-in-the-Middle attacks which could impact door control and configuration.

1 affected packages

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-21913

Low priority
Fixed

International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.

7 affected packages

firefox, icu, mozjs38, mozjs52, mozjs68...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox Not affected Not affected Not affected Not affected
icu Not affected Not affected Fixed Fixed
mozjs38 Not in release Not in release Not affected Not in release
mozjs52 Not in release Not affected Not affected Not in release
mozjs68 Not in release Not affected Not in release Not in release
mozjs78 Not affected Not in release Not in release Not in release
thunderbird Not affected Not affected Not affected Not affected
Show all 7 packages Show less packages

CVE-2021-30535

Medium priority
Fixed

Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Not affected Fixed Ignored
icu Not affected Fixed Not affected Not affected
Show less packages

CVE-2020-10531

Medium priority
Fixed

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

2 affected packages

chromium-browser, icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
icu Fixed Fixed
Show less packages

CVE-2018-18928

Medium priority
Not affected

International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.

2 affected packages

chromium-browser, icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Not affected
icu Not affected Not affected
Show less packages

CVE-2017-17484

Medium priority
Not affected

The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of...

1 affected packages

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Not affected
Show less packages

CVE-2017-15422

Medium priority

Some fixes available 9 of 13

Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an...

3 affected packages

chromium-browser, icu, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
icu Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2017-14952

Medium priority
Fixed

Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue.

1 affected packages

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Fixed
Show less packages

CVE-2017-7868

Medium priority

Some fixes available 4 of 5

International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.

1 affected packages

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Fixed
Show less packages

CVE-2017-7867

Medium priority

Some fixes available 4 of 5

International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.

1 affected packages

icu

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icu Fixed
Show less packages