Browse all 14 CVE security advisories affecting Alpine. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Alpine serves as a minimal Linux distribution designed for resource-constrained environments and containerized applications. Historically, its vulnerabilities have frequently included remote code execution, cross-site scripting, and privilege escalation, often stemming from outdated packages in its repositories. The project maintains a security-focused approach with regular updates and a small attack surface due to its minimal design. While Alpine has not experienced major public security incidents, its CVE count of 14 reflects typical challenges in maintaining security across a broad package ecosystem. The distribution's lightweight nature and package management system remain central to its use case, though users must remain vigilant about dependency updates to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-8477 | Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability — iLX-507CWE-121 | 8.0 | - | 2025-08-01 |
| CVE-2025-8480 | Alpine iLX-507 Command Injection Remote Code Execution — iLX-507CWE-22 | 8.8 | - | 2025-08-01 |
| CVE-2025-8476 | Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability — iLX-507CWE-295 | 8.8 | - | 2025-08-01 |
| CVE-2025-8475 | Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability — iLX-507CWE-121 | 8.0 | - | 2025-08-01 |
| CVE-2025-8474 | Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability — iLX-507CWE-121 | 6.8 | - | 2025-08-01 |
| CVE-2025-8473 | Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability — iLX-507CWE-78 | 6.8 | - | 2025-08-01 |
| CVE-2025-8472 | Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability — iLX-507CWE-121 | 8.0 | - | 2025-08-01 |
This page lists every published CVE security advisory associated with Alpine. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.