CVE-2026-47320

Published: Giu 04, 2026 Last Modified: Giu 04, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,1
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: high

Description

AI Translation Available

Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads.

This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3.

674

Uncontrolled Recursion

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Confidentiality
Potential Impacts:
Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Read Application Data
Applicable Platforms
All platforms may be affected
View CWE Details
824

Access of Uninitialized Pointer

Incomplete
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Availability Integrity
Potential Impacts:
Read Memory Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands
Applicable Platforms
Languages: Memory-Unsafe, C, C++
View CWE Details
https://github.com/Samsung/rlottie/pull/593
https://github.com/Samsung/rlottie/pull/593