CVE-2025-48175
ADVISORY - nistSummary
In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.
EPSS Score: 0.00101 (0.282)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Integer Overflow or Wraparound
Alpine
CREATED
UPDATED
ADVISORY IDCVE-2025-48175
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| alpine/libavif | apk | alpine | 3.21 | <=1.0.4-r0 | Not yet available |
| alpine/libavif | apk | alpine | 3.20 | <=1.0.4-r0 | Not yet available |
Severity and metrics
No CVSS data available from this advisory.
NIST
CREATED
UPDATED
ADVISORY IDCVE-2025-48175
EXPLOITABILITY SCORE
1.4
EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
4.5mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2025-48175
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2025-48175
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-