VulnerableCode Package Details - pkg:deb/ubuntu/icu@60.2-3ubuntu3

Search for packages

Package details: pkg:deb/ubuntu/icu@60.2-3ubuntu3

Essentials
History (0)

purl	pkg:deb/ubuntu/icu@60.2-3ubuntu3

Next non-vulnerable version	60.2-3ubuntu3.2
Latest non-vulnerable version	60.2-3ubuntu3.2
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-s2x7-ae8b-aaac Aliases: CVE-2020-21913	International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.	60.2-3ubuntu3.2 Affected by 0 other vulnerabilities.
VCID-vwsr-9y7x-aaac Aliases: CVE-2020-10531	An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.	60.2-3ubuntu3.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-xtqj-7q8m-aaaq	Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.	CVE-2017-15422

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version