All vulnerabilities
CVE-2017-9671
Description
A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgrading
Score
7.8
Severity
High
Ecosystem
APK
Publish Date
July 17, 2017
Modified Date
April 10, 2026
Score Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Versions

