Vulnerabilities > Alpine Project

DATE CVE VULNERABILITY TITLE RISK
2022-12-28 CVE-2022-23553 Unspecified vulnerability in Alpine Project Alpine
Alpine is a scaffolding library in Java.
network
low complexity
alpine-project
7.5
2022-12-28 CVE-2022-23554 Incorrect Comparison vulnerability in Alpine Project Alpine
Alpine is a scaffolding library in Java.
network
low complexity
alpine-project CWE-697
5.4
2022-11-03 CVE-2021-46853 Unspecified vulnerability in Alpine Project Alpine
Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before STARTTLS.
network
high complexity
alpine-project
5.9
2021-08-10 CVE-2021-38370 Command Injection vulnerability in Alpine Project Alpine
In Alpine before 2.25, untagged responses from an IMAP server are accepted before STARTTLS.
network
high complexity
alpine-project CWE-77
5.9
2020-06-19 CVE-2020-14929 Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
network
low complexity
alpine-project fedoraproject debian
7.5