CVE-2018-20483

🗓️ 26 Dec 2018 18:00:00Reported by mitreType

CVE-2018-20483 in GNU Wget before 1.20.1 allows local users to obtain sensitive information by reading extended attributes

Reporter	Title	Published	Views	Family All 80
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues	1 Mar 202418:03	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in wget	31 Jan 202423:03	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in 'GNU Wget' affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2018-20483)	12 Jan 202321:59	–	ibm
FreeBSD	wget -- security flaw in caching credentials passed as a part of the URL	25 Dec 201800:00	–	freebsd
Tenable Nessus	Amazon Linux 2 : curl (ALAS-2019-1162)	19 Feb 201900:00	–	nessus
Tenable Nessus	Amazon Linux AMI : curl (ALAS-2019-1151)	8 Feb 201900:00	–	nessus
Tenable Nessus	CentOS 8 : curl (CESA-2019:3701)	29 Jan 202100:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : wget (EulerOS-SA-2019-1663)	27 Jun 201900:00	–	nessus
Tenable Nessus	Fedora 29 : wget (2019-088875c43a)	7 Jan 201900:00	–	nessus
Tenable Nessus	Fedora 29 : curl (2019-427a0ba9e3)	24 Jan 201900:00	–	nessus

NVD

Node

gnu wgetRange<1.20.1

Source	Link
security	www.security.gentoo.org/glsa/201903-08
usn	www.usn.ubuntu.com/3943-1/
twitter	www.twitter.com/marcan42/status/1077676739877232640
security	www.security.netapp.com/advisory/ntap-20190321-0002/
securityfocus	www.securityfocus.com/bid/106358
git	www.git.savannah.gnu.org/cgit/wget.git/tree/NEWS
access	www.access.redhat.com/errata/RHSA-2019:3701

21 Nov 2024 04:01Current

7.8High risk

Vulners AI Score7.8

CVSS 22.1

CVSS 37.8

EPSS0.00044