HIGH🇵🇱 Wersja polska

CVE-2017-9669

CVSS 7.8v3.0pub. 2017-07-17upd. 2026-05-13

A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Alpinelinux Alpine Linux

    OS
    Alpinelinux
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDoSMemory
CWE
References

Related vulnerabilities

CVE-2022-22704CRITICAL9.8ten sam produkt

The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root becau...

CVE-2019-5021CRITICAL9.8ten sam produkt

Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. ...

CVE-2018-1000849HIGH8.8ten sam produkt

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk...

CVE-2017-9671HIGH7.8ten sam produkt

A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service,...

CVE-2021-30139HIGH7.5ten sam vendor

In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.