Search for packages
Package details: pkg:deb/debian/icu@57.1-6%2Bdeb9u4
purl pkg:deb/debian/icu@57.1-6%2Bdeb9u4
Next non-vulnerable version 72.1-3
Latest non-vulnerable version 72.1-3
Risk 4.5
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-7uxp-cx7j-9ka3
Aliases:
CVE-2017-15422
Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
63.1-6+deb10u3
Affected by 4 other vulnerabilities.
VCID-8axv-ehyu-zqav
Aliases:
CVE-2020-10531
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
63.1-6+deb10u3
Affected by 4 other vulnerabilities.
67.1-7
Affected by 1 other vulnerability.
VCID-saxq-p7en-gyet
Aliases:
CVE-2025-5222
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
72.1-3
Affected by 0 other vulnerabilities.
VCID-vu9x-gy3f-fkes
Aliases:
CVE-2017-14952
63.1-6+deb10u3
Affected by 4 other vulnerabilities.
VCID-xvtf-unp2-xudm
Aliases:
CVE-2018-18928
International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.
63.1-6+deb10u3
Affected by 4 other vulnerabilities.
VCID-ywmu-5nne-1qdj
Aliases:
CVE-2020-21913
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
63.1-6+deb10u3
Affected by 4 other vulnerabilities.
67.1-7
Affected by 1 other vulnerability.
VCID-yxtk-z76x-9qc2
Aliases:
CVE-2021-30535
Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
67.1-7
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (14)
Vulnerability Summary Aliases
VCID-1vau-m61a-9bca CVE-2016-0494
VCID-79ef-qsqu-zfgd CVE-2015-4760
VCID-7uxp-cx7j-9ka3 Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-15422
VCID-8axv-ehyu-zqav An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. CVE-2020-10531
VCID-e67w-s6np-c7ey CVE-2015-4844
VCID-j5nf-8hjw-2qh3 CVE-2014-8146
VCID-jd5u-smut-1kga CVE-2017-7867
VCID-jktx-r8wk-ubek CVE-2014-8147
VCID-m3pm-3ghu-pbge CVE-2016-6293
VCID-qrqu-bfdx-huay CVE-2015-1270
VCID-se6t-x95k-7bhg CVE-2014-9911
VCID-vtvy-4wup-d7cs CVE-2016-7415
VCID-xm9d-fx8j-cfgn CVE-2017-7868
VCID-y6st-u7uj-kqek CVE-2015-2632

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-01T20:15:12.713619+00:00 Debian Oval Importer Affected by VCID-vu9x-gy3f-fkes https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:08:17.515591+00:00 Debian Oval Importer Fixing VCID-j5nf-8hjw-2qh3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:04:31.609356+00:00 Debian Oval Importer Fixing VCID-1vau-m61a-9bca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:51:03.605365+00:00 Debian Oval Importer Fixing VCID-vtvy-4wup-d7cs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:17:56.896049+00:00 Debian Oval Importer Affected by VCID-yxtk-z76x-9qc2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:05:48.762316+00:00 Debian Oval Importer Affected by VCID-ywmu-5nne-1qdj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:43:25.510299+00:00 Debian Oval Importer Fixing VCID-jd5u-smut-1kga https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:42:26.779693+00:00 Debian Oval Importer Affected by VCID-saxq-p7en-gyet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:33:17.341176+00:00 Debian Oval Importer Fixing VCID-79ef-qsqu-zfgd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:51:29.066320+00:00 Debian Oval Importer Fixing VCID-se6t-x95k-7bhg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:36:23.775292+00:00 Debian Oval Importer Fixing VCID-y6st-u7uj-kqek https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:33:36.641215+00:00 Debian Oval Importer Affected by VCID-xvtf-unp2-xudm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:22:20.715847+00:00 Debian Oval Importer Fixing VCID-e67w-s6np-c7ey https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:12:17.913104+00:00 Debian Oval Importer Fixing VCID-jktx-r8wk-ubek https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:53:42.952299+00:00 Debian Oval Importer Fixing VCID-qrqu-bfdx-huay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:25:48.605144+00:00 Debian Oval Importer Affected by VCID-8axv-ehyu-zqav https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:02:40.305317+00:00 Debian Oval Importer Fixing VCID-xm9d-fx8j-cfgn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:58:25.340876+00:00 Debian Oval Importer Affected by VCID-7uxp-cx7j-9ka3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:58:22.171339+00:00 Debian Oval Importer Fixing VCID-m3pm-3ghu-pbge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:39:43.886209+00:00 Debian Oval Importer Affected by VCID-8axv-ehyu-zqav https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:33:55.228176+00:00 Debian Oval Importer Affected by VCID-ywmu-5nne-1qdj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T10:59:02.007263+00:00 Debian Oval Importer Fixing VCID-7uxp-cx7j-9ka3 https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 37.0.0
2025-08-01T10:35:04.650835+00:00 Debian Oval Importer Fixing VCID-8axv-ehyu-zqav https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 37.0.0