VYPR

rpm package

suse/libavif&distro=SUSE Manager Proxy LTS 4.3

pkg:rpm/suse/libavif&distro=SUSE%20Manager%20Proxy%20LTS%204.3

Vulnerabilities (4)

  • CVE-2025-48175May 16, 2025
    affected < 1.3.0-150400.3.6.1fixed 1.3.0-150400.3.6.1

    In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.

  • CVE-2025-48174May 16, 2025
    affected < 1.3.0-150400.3.6.1fixed 1.3.0-150400.3.6.1

    In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.

  • CVE-2023-6351Nov 29, 2023
    affected < 1.3.0-150400.3.6.1fixed 1.3.0-150400.3.6.1

    Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

  • CVE-2023-6350Nov 29, 2023
    affected < 1.3.0-150400.3.6.1fixed 1.3.0-150400.3.6.1

    Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)