Lucene search
Gentoo FoundationMGASA-2024-0240HistoryJun 27, 2024 - 8:12 p.m.
Updated wget packages fix security vulnerability
2024-06-2720:12:06
Gentoo Foundation
advisories.mageia.org
7
wget packages
security vulnerability
url mishandle
semicolons
userinfo subcomponent
uri
host subcomponent
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. (CVE-2024-38428)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 9 | noarch | wget | < 1.21.4-1.1 | wget-1.21.4-1.1.mga9 |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0240)
2024-06-28 00:00:00
Ubuntu: Security Advisory (USN-6852-1)
2024-06-27 00:00:00
Ubuntu: Security Advisory (USN-6852-2)
2024-06-28 00:00:00
debiancve
debiancve
CVE-2024-38428
2024-06-16 03:15:08
osv
osv
wget vulnerability
2024-06-27 10:42:13
wget vulnerability
2024-06-26 12:20:33
redhatcve
redhatcve
CVE-2024-38428
2024-06-18 05:07:17
ubuntucve
ubuntucve
CVE-2024-38428
2024-06-16 00:00:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : Wget vulnerability (USN-6852-2)
2024-06-27 00:00:00
SUSE SLES12 Security Update : wget (SUSE-SU-2024:2154-1)
2024-06-22 00:00:00
cvelist
cvelist
CVE-2024-38428
2024-06-16 00:00:00
nvd
nvd
CVE-2024-38428
2024-06-16 03:15:08
cbl_mariner
cbl_mariner
CVE-2024-38428 affecting package wget for versions less than 1.21.2-3
2024-06-28 17:07:09
ubuntu
ubuntu
Wget vulnerability
2024-06-27 00:00:00
Wget vulnerability
2024-06-26 00:00:00
redos
redos
ROS-20240619-03
2024-06-19 00:00:00
cve
cve
CVE-2024-38428
2024-06-16 03:15:08