VDB

ALPINE-CVE-2022-27778

ALPINE-CVE-2022-27778 PUBLISHED CVSS 8.100000381469727 HIGH

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.

Risk Scores

CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.17curl7.19.2-r0, 0, 7.19.4-r0
Alpine:v3.24curl0
Alpine:v3.18curl7.42.1-r0, 0, 7.19.2-r0
Alpine:v3.16curl0, 0, 7.19.2-r1
Alpine:v3.21curl7.21.0-r0, 0, 7.19.2-r0
Alpine:v3.22curl7.19.2-r0, 0, 7.83.0-r0
Alpine:v3.20curl7.53.0-r0, 7.51.0-r0, 0
Alpine:v3.23curl0, 7.19.2-r0, 7.19.2-r1
Alpine:v3.19curl0, 0, 7.83.0-r0

Timeline

  • Jun 2, 2022 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›