Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...
5.4CVSS
5.6AI Score
0.001EPSS
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known...
7.5CVSS
7.5AI Score
0.001EPSS
Alpine before 2.25 allows remote attackers to cause a denial of service (application crash) when LIST or LSUB is sent before...
5.9CVSS
5.7AI Score
0.003EPSS
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alpine Press Alpine PhotoTile for Pinterest plugin <= 1.3.1 at...
5.4CVSS
5.2AI Score
0.001EPSS
A vulnerability, which was classified as problematic, has been found in Alpine PhotoTile for Instagram Plugin 1.2.7.7. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched...
6.1CVSS
6.7AI Score
0.001EPSS
In Alpine before 2.25, untagged responses from an IMAP server are accepted before...
5.9CVSS
5.6AI Score
0.002EPSS
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to...
7.5CVSS
7.2AI Score
0.009EPSS
The alpine-photo-tile-for-instagram plugin before 1.2.7.6 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=alpine-photo-tile-for-instagram-settings tab...
6.5CVSS
6.1AI Score
0.002EPSS
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux...
9.8CVSS
9.3AI Score
0.01EPSS
Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail...
7.7AI Score
0.118EPSS