Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libavif@0.11.1-1%2Bdeb12u1
purl pkg:deb/debian/libavif@0.11.1-1%2Bdeb12u1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-m229-g3dn-pbbg In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. CVE-2025-48174
VCID-vpe9-3csn-vyf1 In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. CVE-2025-48175

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T16:29:45.434082+00:00 Debian Oval Importer Fixing VCID-vpe9-3csn-vyf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:17:08.904878+00:00 Debian Oval Importer Fixing VCID-m229-g3dn-pbbg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T16:16:53.050700+00:00 Debian Oval Importer Fixing VCID-vpe9-3csn-vyf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:05:28.555341+00:00 Debian Oval Importer Fixing VCID-m229-g3dn-pbbg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T16:09:03.699975+00:00 Debian Oval Importer Fixing VCID-vpe9-3csn-vyf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:00:56.451947+00:00 Debian Oval Importer Fixing VCID-m229-g3dn-pbbg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0