Path Traversal Issue in Samsung Open Source rLottie
CVE-2025-53075

4.6MEDIUM

Key Information:

Vendor: Samsung Open Source
Status: Rlottie
Vendor: CVE Published:; 30 June 2025

🔔 Create Samsung Open Source Vulnerability Alert

What is CVE-2025-53075?

The Samsung Open Source rLottie product is susceptible to a path traversal vulnerability due to improper input validation. This vulnerability allows attackers to exploit the directory traversal flaws, potentially leading to unauthorized file access. Users of rLottie: V0.2 should take precautions to mitigate risks associated with this issue. For additional details, please refer to related discussions on GitHub.

Affected Version(s)

rLottie V0.2

References

https://github.com/Samsung/rlottie/pull/571

CVSS V4

Score:

4.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2025
Vulnerability Reserved
Jun 24, 2025

Credit

Meta Product Security