CVE-2022-38216

Summary

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process.

Affected Software

VendorProductVersion RangeStatus
MapboxMapboxunspecified < 10.6.1affected

Weaknesses

  • CWE-190: Integer Overflow (CWE-190), Out-of-bounds Write (CWE-787)

ADP Enrichment

CVE Program Container

Additional References

References