Icu · International Components For Unicode · CVE-2020-21913
**Name of the Vulnerable Software and Affected Versions**
International Components for Unicode (ICU) version 66.1
**Description**
The issue is related to a use after free bug in the `pkg createWithAssemblyCode` function in the file `tools/pkgdata/pkgdata.cpp`. This bug can be exploited by a remote attacker to cause a denial of service.
**Recommendations**
For International Components for Unicode (ICU) version 66.1, update to a version that fixes the use after free bug in the `pkg createWithAssemblyCode` function. As a temporary workaround, consider restricting access to the `pkg createWithAssemblyCode` function to minimize the risk of exploitation.