CVE-2022-38216

HIGH Year: 2022
CVSS v3 Score
7.5
High
Weakness Type
CWE-190
View all →

Vulnerability Description

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process.

Related Vulnerabilities

CVE-2011-1298

HIGH
CVSS:7.5(High)

An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.

CWE-1902011

CVE-2012-1610

HIGH
CVSS:7.5(High)

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component coun...

CWE-1902012

CVE-2013-2806

HIGH
CVSS:7.5(High)

Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic...

CWE-1902013

CVE-2013-2807

HIGH
CVSS:7.5(High)

Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic...

CWE-1902013

CVE-2015-1529

HIGH
CVSS:7.5(High)

Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors.

CWE-1902015

CVE-2015-7848

HIGH
CVSS:7.5(High)

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct ...

CWE-1902015