CVE-2025-53076Improper Input Validation in Open Source Rlottie

CWE-20Improper Input ValidationCWE-401Missing Release of Memory after Effective Lifetime6 documents6 sources
Severity
5.1MEDIUMNVD
EPSS
0.1%
top 67.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Open Source RlottieSamsung Rlottie
Timeline
PublishedJun 30

Description

Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers.This issue affects rLottie: V0.2.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

3
CVEList
CVE-2025-53076: Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers2025-06-30
GHSA
GHSA-4g28-pqg3-vcxc: Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers2025-06-30
OSV
CVE-2025-53076: Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers2025-06-30

📋Vendor Advisories

2
Debian
CVE-2025-53076: rlottie - Improper Input Validation vulnerability in Samsung Open Source rLottie allows Ov...2025
Microsoft
iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table()2024-11-12
CVE-2025-53076 — Improper Input Validation | cvebase