Home

Description

Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2.

PUBLISHED Reserved 2025-01-22 | Published 2025-06-30 | Updated 2026-01-22 | Assigner samsung.tv_appliance




MEDIUM: 5.1CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-416 Use After Free

Product status

Default status
unaffected

V0.2 (custom)
affected

Credits

Meta Product Security reporter

References

github.com/...ommit/507ea027e47d3e1dc7ddbd9994621215eae7ebb9

github.com/Samsung/rlottie/pull/571

cve.org (CVE-2025-0634)

nvd.nist.gov (CVE-2025-0634)

Download JSON