VYPR
High severityNVD Advisory· Published Aug 16, 2022· Updated Aug 3, 2024

CVE-2022-38216

CVE-2022-38216

Description

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
com.mapbox.mapboxsdk:mapbox-android-coreMaven
< 10.6.110.6.1

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.