{"id":"ALPINE-CVE-2022-44638","details":"In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.","modified":"2026-03-09T01:24:20.951255Z","published":"2022-11-03T06:15:10.623Z","upstream":["CVE-2022-44638"],"references":[{"type":"ADVISORY","url":"https://security.alpinelinux.org/vuln/CVE-2022-44638"}],"affected":[{"package":{"name":"pixman","ecosystem":"Alpine:v3.13","purl":"pkg:apk/alpine/pixman?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.40.0-r3"}]}],"versions":["0.14.0-r0","0.15.2-r0","0.16.0-r0","0.16.2-r0","0.16.4-r0","0.16.6-r0","0.16.6-r1","0.18.0-r0","0.18.2-r0","0.18.4-r0","0.19.4-r0","0.20.0-r0","0.20.2-r0","0.22.0-r0","0.22.0-r1","0.22.0-r2","0.22.2-r0","0.24.0-r0","0.24.2-r0","0.24.4-r0","0.26.0-r0","0.26.2-r0","0.27.2-r0","0.28.0-r0","0.28.2-r0","0.29.2-r0","0.30.0-r0","0.30.2-r0","0.32.2-r0","0.32.4-r0","0.32.6-r0","0.32.6-r1","0.32.8-r0","0.34.0-r0","0.34.0-r1","0.34.0-r2","0.34.0-r3","0.34.0-r4","0.34.0-r5","0.34.0-r6","0.38.0-r0","0.38.4-r0","0.38.4-r1","0.40.0-r0","0.40.0-r1","0.40.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/alpine/ALPINE-CVE-2022-44638.json"}},{"package":{"name":"pixman","ecosystem":"Alpine:v3.14","purl":"pkg:apk/alpine/pixman?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.40.0-r3"}]}],"versions":["0.14.0-r0","0.15.2-r0","0.16.0-r0","0.16.2-r0","0.16.4-r0","0.16.6-r0","0.16.6-r1","0.18.0-r0","0.18.2-r0","0.18.4-r0","0.19.4-r0","0.20.0-r0","0.20.2-r0","0.22.0-r0","0.22.0-r1","0.22.0-r2","0.22.2-r0","0.24.0-r0","0.24.2-r0","0.24.4-r0","0.26.0-r0","0.26.2-r0","0.27.2-r0","0.28.0-r0","0.28.2-r0","0.29.2-r0","0.30.0-r0","0.30.2-r0","0.32.2-r0","0.32.4-r0","0.32.6-r0","0.32.6-r1","0.32.8-r0","0.34.0-r0","0.34.0-r1","0.34.0-r2","0.34.0-r3","0.34.0-r4","0.34.0-r5","0.34.0-r6","0.38.0-r0","0.38.4-r0","0.38.4-r1","0.40.0-r0","0.40.0-r1","0.40.0-r2"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/alpine/ALPINE-CVE-2022-44638.json"}},{"package":{"name":"pixman","ecosystem":"Alpine:v3.15","purl":"pkg:apk/alpine/pixman?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.40.0-r4"}]}],"versions":["0.14.0-r0","0.15.2-r0","0.16.0-r0","0.16.2-r0","0.16.4-r0","0.16.6-r0","0.16.6-r1","0.18.0-r0","0.18.2-r0","0.18.4-r0","0.19.4-r0","0.20.0-r0","0.20.2-r0","0.22.0-r0","0.22.0-r1","0.22.0-r2","0.22.2-r0","0.24.0-r0","0.24.2-r0","0.24.4-r0","0.26.0-r0","0.26.2-r0","0.27.2-r0","0.28.0-r0","0.28.2-r0","0.29.2-r0","0.30.0-r0","0.30.2-r0","0.32.2-r0","0.32.4-r0","0.32.6-r0","0.32.6-r1","0.32.8-r0","0.34.0-r0","0.34.0-r1","0.34.0-r2","0.34.0-r3","0.34.0-r4","0.34.0-r5","0.34.0-r6","0.38.0-r0","0.38.4-r0","0.38.4-r1","0.40.0-r0","0.40.0-r1","0.40.0-r2","0.40.0-r3"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/alpine/ALPINE-CVE-2022-44638.json"}},{"package":{"name":"pixman","ecosystem":"Alpine:v3.16","purl":"pkg:apk/alpine/pixman?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.40.0-r4"}]}],"versions":["0.14.0-r0","0.15.2-r0","0.16.0-r0","0.16.2-r0","0.16.4-r0","0.16.6-r0","0.16.6-r1","0.18.0-r0","0.18.2-r0","0.18.4-r0","0.19.4-r0","0.20.0-r0","0.20.2-r0","0.22.0-r0","0.22.0-r1","0.22.0-r2","0.22.2-r0","0.24.0-r0","0.24.2-r0","0.24.4-r0","0.26.0-r0","0.26.2-r0","0.27.2-r0","0.28.0-r0","0.28.2-r0","0.29.2-r0","0.30.0-r0","0.30.2-r0","0.32.2-r0","0.32.4-r0","0.32.6-r0","0.32.6-r1","0.32.8-r0","0.34.0-r0","0.34.0-r1","0.34.0-r2","0.34.0-r3","0.34.0-r4","0.34.0-r5","0.34.0-r6","0.38.0-r0","0.38.4-r0","0.38.4-r1","0.40.0-r0","0.40.0-r1","0.40.0-r2","0.40.0-r3"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/alpine/ALPINE-CVE-2022-44638.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}