VDB
ALPINE-CVE-2019-8905
ALPINE-CVE-2019-8905
PUBLISHED
CVSS 4.400000095367432 MEDIUM
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
Risk Scores
CVSS 3.1
4.400000095367432
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.8 | file | 0, 5.01-r0, 0 |
| Alpine:v3.10 | file | 5.07-r1, 0, 5.35-r0 |
| Alpine:v3.19 | file | 5.09-r1, 0, 4.26-r1 |
| Alpine:v3.12 | file | 0, 4.26-r1, 0 |
| Alpine:v3.16 | file | 4.26-r1, 0, 0 |
| Alpine:v3.18 | file | 5.31-r1, 4.26-r1, 5.01-r0 |
| Alpine:v3.15 | file | 5.09-r1, 5.11-r0, 5.12-r0 |
| Alpine:v3.21 | file | 5.23-r0, 5.22-r0, 5.21-r0 |
| Alpine:v3.7 | file | 5.19-r0, 0, 4.26-r1 |
| Alpine:v3.17 | file | 0, 0, 5.35-r0 |
| Alpine:v3.9 | file | 0, 5.03-r0, 4.26-r1 |
| Alpine:v3.11 | file | 5.35-r0, 5.19-r0, 0 |
| Alpine:v3.14 | file | 5.18-r0, 0, 4.26-r1 |
| Alpine:v3.22 | file | 5.14-r0, 5.09-r0, 5.08-r0 |
| Alpine:v3.13 | file | 0, 0, 5.00-r0 |
| Alpine:v3.20 | file | 5.19-r2, 0, 5.35-r0 |
| Alpine:v3.23 | file | 5.33-r0, 5.35-r0, 0 |
| Alpine:v3.24 | file | 0 |
Timeline
- Feb 18, 2019 CVE Published
- Apr 30, 2026 Distribution Patch
- Jun 9, 2026 CVE Updated