Browse all 14 CVE security advisories affecting Alpine. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Alpine serves as a minimal Linux distribution designed for resource-constrained environments and containerized applications. Historically, its vulnerabilities have frequently included remote code execution, cross-site scripting, and privilege escalation, often stemming from outdated packages in its repositories. The project maintains a security-focused approach with regular updates and a small attack surface due to its minimal design. While Alpine has not experienced major public security incidents, its CVE count of 14 reflects typical challenges in maintaining security across a broad package ecosystem. The distribution's lightweight nature and package management system remain central to its use case, though users must remain vigilant about dependency updates to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-23963 | Alpine Halo9 Stack-based Buffer Overflow — Halo9CWE-94 | 8.0 | High | 2025-01-30 |
| CVE-2024-23962 | Alpine Halo9 Missing Authentication — Halo9CWE-200 | 5.3 | Medium | 2025-01-30 |
| CVE-2024-23923 | Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability — Halo9CWE-416 | 8.8 | High | 2024-09-28 |
| CVE-2024-23960 | Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability — Halo9CWE-347 | 4.6 | Medium | 2024-09-28 |
| CVE-2024-23924 | Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability — Halo9CWE-78 | 6.8 | Medium | 2024-09-28 |
| CVE-2024-23961 | Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability — Halo9CWE-78 | 6.8 | Medium | 2024-09-28 |
| CVE-2024-23935 | Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability — Halo9CWE-121 | 8.0 | High | 2024-09-28 |
This page lists every published CVE security advisory associated with Alpine. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.