Libavif

libavif

Vendor: Aomedia • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-48175 1Aomedia 1Libavif Nov 3, 2025 May 16, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.
CVE-2025-48174 1Aomedia 1Libavif Nov 3, 2025 May 16, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.
CVE-2020-36407 1Aomedia 1Libavif Nov 21, 2024 Jul 1, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataFillImageGrid.