High severity7.8NVD Advisory· Published Jul 17, 2017· Updated May 13, 2026

CVE-2017-9669

Description

A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.

Affected products

Alpinelinux/Alpine Linux
cpe:2.3:o:alpinelinux:alpine_linux:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2017/06/25/2nvdExploitMailing ListThird Party Advisory
www.twistlock.com/2017/06/25/alpine-linux-vulnerability-discovery-code-execution-pt-1-2/nvdExploitThird Party Advisory
www.securityfocus.com/bid/99340nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000