GHSA-4696-g7jj-xg2h, CVE-2022-38216
maven/com.mapbox.mapboxsdk/mapbox-android-core
Integer Overflow or Wraparound
An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out-of-bounds writes, potentially crashing the Mapbox process.
All versions before 10.6.1
Upgrade to version 10.6.1 or above.
2022-11-22
source |