This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original 2-byte UTF-8 sequences to be transformed into 3-byte sequences.
CVSS 3.x Severity and Metrics:
NVD score not yet provided.
CVSS 2.0 Severity and Metrics: