icu-project security advisories
5 threat alerts tracking vulnerabilities and security advisories that affect icu-project products.
Vulnios monitors icu-project CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent icu-project security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2014-9911 — icu-project — international_components_for_unicode
Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a deni
criticalCVE-2014-9911Critical Vulnerability: CVE-2016-7415 — icu-project — international_components_for_unicode
Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (applicati
criticalCVE-2016-7415Critical Vulnerability: CVE-2016-6293 — icu-project — international_components_for_unicode
The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\0' character at the end of a certain
criticalCVE-2016-6293Critical Vulnerability: CVE-2017-17484 — icu-project — international_components_for_unicode
The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote at
criticalCVE-2017-17484Critical Vulnerability: CVE-2017-14952 — icu-project — international_components_for_unicode
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector e
criticalCVE-2017-14952
Track icu-project exposure across your environment
Vulnios automatically cross-references your asset inventory against new icu-project CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan