Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alpine vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-38370
In Alpine prior to 2.25, untagged responses from an IMAP server are accepted before STARTTLS.
Alpine Project Alpine
NA
CVE-2022-23553
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds.
Alpine Project Alpine
NA
CVE-2021-46853
Alpine prior to 2.25 allows remote malicious users to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
Alpine Project Alpine
NA
CVE-2022-23554
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswag...
Alpine Project Alpine
10
CVSSv2
CVE-2008-5005
Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and previous versions, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the...
University Of Washington Alpine 0.82
University Of Washington Alpine 0.999999
University Of Washington Alpine 0.98
University Of Washington Alpine 1.00
University Of Washington Alpine 1.10
University Of Washington Alpine 0.99
University Of Washington Alpine 0.81
University Of Washington Imap Toolkit 2003
University Of Washington Imap Toolkit 2005
University Of Washington Imap Toolkit 2002
University Of Washington Alpine 2.00
University Of Washington Imap Toolkit 2007c
University Of Washington Alpine 0.80
University Of Washington Alpine 0.99999
University Of Washington Alpine 0.999
University Of Washington Alpine 0.9999
University Of Washington Imap Toolkit 2006
University Of Washington Imap Toolkit 2004
University Of Washington Imap Toolkit 2007
University Of Washington Alpine 0.83
10
CVSSv2
CVE-2020-29578
The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow an remote malicious user to achieve root access.
Matomo Piwik Fpm-alpine Docker Image 3
Matomo Piwik Fpm-alpine Docker Image 3.5
Matomo Piwik Fpm-alpine Docker Image 3.5.1
Matomo Piwik Fpm-alpine Docker Image 3.6
Matomo Piwik Fpm-alpine Docker Image 3.6.0
5
CVSSv2
CVE-2020-14929
Alpine prior to 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
Alpine Project Alpine
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2017-9669
A heap overflow in apk (Alpine Linux's package manager) allows a remote malicious user to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.
Alpinelinux Alpine Linux -
1 Article
6.8
CVSSv2
CVE-2017-9671
A heap overflow in apk (Alpine Linux's package manager) allows a remote malicious user to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
Alpinelinux Alpine Linux -
1 Article
6.8
CVSSv2
CVE-2018-1000849
Alpine Linux version Versions before 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools (Alpine Linux' package manager) that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to...
Alpinelinux Alpine Linux
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »