4 matches found
CVE-2019-18397
Summary (CVE-2019-18397): A heap-based buffer overflow affects FriBidi up to version 1.0.7 in fribidi_get_par_embedding_levels_ex() (lib/fribidi-bidi.c). This can cause denial of service and, in some cases, arbitrary code execution when rendering crafted text with apps using FriBidi for bidirect...
CVE-2022-25310
CVE-2022-25310 is a segmentation fault (SEGV) in FriBidi’s fribidi_remove_bidi_marks() (lib/fribidi.c) that can crash FriBidi and cause a denial of service when processing crafted input. Connected advisories corroborate a vulnerability in FriBidi and indicate affected versions prior to fixed rele...
CVE-2022-25309
CVE-2022-25309 is a heap-based buffer overflow in FriBidi affecting fribidi_cap_rtl_to_unicode() (fribidi-char-sets-cap-rtl.c). Exploitation requires a crafted input with the --caprtl option, enabling a crash or denial of service (local access). Public advisories confirm fixes in FriBidi pac...
CVE-2022-25308
CVE-2022-25308 affects the FriBidi library with a stack-based buffer overflow that can cause memory corruption, memory leak, or denial of service. Connected advisories document the issue across multiple distributions. Remediation requires upgrading FriBidi to fixed versions (examples: >= 1.0.1...