Use After Free Vulnerability in Samsung rLottie
CVE-2025-0634

5.1MEDIUM

Key Information:

Vendor: Samsung Open Source
Status: Rlottie
Vendor: CVE Published:; 30 June 2025

🔔 Create Samsung Open Source Vulnerability Alert

What is CVE-2025-0634?

A use after free vulnerability has been identified in Samsung's open-source rLottie library, which could allow for remote code inclusion. This flaw could potentially allow an attacker to exploit certain conditions in the software, leading to unauthorized code execution on affected systems. The affected version is rLottie V0.2, making it crucial for users to review their implementations and apply necessary security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

rLottie V0.2

References

https://github.com/Samsung/rlottie/pull/571

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Jun 30, 2025
Vulnerability Reserved
Jan 22, 2025

Credit

Meta Product Security

JSON

Samsung Open Source