libavif (SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS package libavif, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2023-6350 — CVSS 8.8 (high): Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2023-6351 — CVSS 8.8 (high): Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-48174 — CVSS 4.5 (medium): In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.
CVE-2025-48175 — CVSS 4.5 (medium): In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes…