CVE-2025-48174
ADVISORY - nistSummary
In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.
EPSS Score: 0.00082 (0.242)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Integer Overflow or Wraparound
Alpine
CREATED
UPDATED
ADVISORY IDCVE-2025-48174
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| alpine/libavif | apk | alpine | 3.21 | <=1.0.4-r0 | Not yet available |
| alpine/libavif | apk | alpine | 3.20 | <=1.0.4-r0 | Not yet available |
Severity and metrics
No CVSS data available from this advisory.
NIST
CREATED
UPDATED
ADVISORY IDCVE-2025-48174
EXPLOITABILITY SCORE
1.4
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
4.5mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2025-48174
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2025-48174
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-