CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
96.5%
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi
0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1,
allows remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a crafted Arabic UTF-8 string that causes
original 2-byte UTF-8 sequences to be transformed into 3-byte sequences.