📦

international_components_for_unicode

Vendor: icu-project

Actively Exploited 0 CISA KEV List

PoC / Exploits 3 Code Available

Total RCEs 1 Remote Access

Total CVEs 117 Total Indexed

Avg. EPSS 5.56% Exploit Prob.

Latest CVE CVE-2025-5222 May 27

Security Vulnerability Index

Page 3 / 12

7.5 CVSS

CVE-2011-4599

Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.

EPSS: 24.11%

Severity: HIGH

Jun 21, 2012

9.3 CVSS

CVE-2007-4771

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.

EPSS: 2.33%

Severity: HIGH

Jan 29, 2008

6.8 CVSS

CVE-2007-4770

libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.

EPSS: 3.67%

Severity: MEDIUM

Jan 29, 2008

Displaying 3 of 117 Total Entries

1 2 3 4 5 ... 12

Total 12 Sections