CVE-2025-0634

CWE-416: Use After Free
6 documents, 6 sources
Severity
5.1 MEDIUM
EPSS
0.0%
top 87.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jun 30
Latest update: Feb 24

Description

Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion. This issue affects rLottie: V0.2.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages (3 packages)

Debian: rlottie < 0.1+dfsg-2+deb11u1+3

🔴 Vulnerability Details (3)

OSV
CVE-2025-0634: Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion (2025-06-30)
CVEList
CVE-2025-0634: Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion (2025-06-30)
GHSA
GHSA-5cvm-3562-3m3m: Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion (2025-06-30)

📋 Vendor Advisories (2)

Ubuntu
rlottie vulnerabilities (2026-02-24)
Debian
CVE-2025-0634: rlottie - Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code I... (2025)