Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-4696-g7jj-xg2h

Опубликовано: 17 авг. 2022
Источник: github
Github: Прошло ревью
CVSS3: 7.5

Описание

Mapbox is vulnerable to Integer Overflow

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process.

Ссылки

Пакеты

Наименование

com.mapbox.mapboxsdk:mapbox-android-core

maven
Затронутые версииВерсия исправления

< 10.6.1

10.6.1

EPSS

Процентиль: 54%
0.00317
Низкий

7.5 High

CVSS3

CVE ID

CVE-2022-38216

Дефекты

CWE-190

Связанные уязвимости

nvd логотип

CVE-2022-38216

CVSS3: 7.5
nvd
больше 3 лет назад

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process.

EPSS

Процентиль: 54%
0.00317
Низкий

7.5 High

CVSS3

CVE ID

CVE-2022-38216

Дефекты

CWE-190