vulnerability
Alpine Linux: CVE-2017-12836: Vulnerability in Multiple Components
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:H/Au:N/C:P/I:P/A:P) | Aug 24, 2017 | Aug 22, 2024 | Dec 5, 2025 |
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:P/I:P/A:P)
Published
Aug 24, 2017
Added
Aug 22, 2024
Modified
Dec 5, 2025
Description
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."
Solution
alpine-linux-upgrade-cvs
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.