281 matches found
TencentOS Server 4: wget (TSSA-2024:1004)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1004 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: wget (TSSA-2023:0139)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0139 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0063: wget (ALINUX3-SA-2022:0063)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0063 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-5953: Buffer overflow in GNU Wget 1.20.1 a...
Alibaba Cloud Linux 3 : 0194: wget (ALINUX3-SA-2024:0194)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0194 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-38428: url.c in GNU Wget through 1.24.5...
RLSA-2024:5299 Moderate: wget security update
The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fixes: wget: Misinterpretation of input may lead to improper behavior CVE-2024-38428 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...
[SECURITY] [DLA 4133-1] wget security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4133-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 21, 2025 https://wiki.debian.org/LTS -...
Security Bulletin: Vulnerability in GNU Wget affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.
Summary Potential vulnerability in GNU Wget has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...
Security Bulletin: Vulnerability in GNU Wget affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.
Summary Potential vulnerability in GNU Wget has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...
Linux Distros Unpatched Vulnerability : CVE-2021-31879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. CVE-2021-31879 Note...
Linux Distros Unpatched Vulnerability : CVE-2024-38428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was...
Linux Distros Unpatched Vulnerability : CVE-2018-20483
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - setfilemetadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the...
Linux Distros Unpatched Vulnerability : CVE-2016-4971
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. CVE-2016-4971 Note that...
Linux Distros Unpatched Vulnerability : CVE-2018-0494
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the respnew function in http.c via a \r\n sequence in a continuation line. CVE-2018-0494...
Linux Distros Unpatched Vulnerability : CVE-2014-4877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequentl...
Linux Distros Unpatched Vulnerability : CVE-2010-2252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote...
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent
Brocade Wget contains an improper input validation vulnerability. An attacker could exploit this via theuserinfosubcomponent of a URI to cause insecure behavior which could potentially cause improper authentication, exposure of sensitive information, or other serious data integrity issues...
Security Bulletin: Vulnerability in GNU Wget affects watsonx.data
Summary GNU Wget could allow a remote authenticated attacker to bypass security restrictions, and this could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-38428 DESCRIPTION: GNU Wget could allow a remote authenticated attacker to bypass security restrictions, caused by the mishandling...
GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs
...
GNU Wget Code Problem Vulnerability
GNU Wget is a set of free software from the American GNU community for downloading over the Internet, which supports downloading over the three most common TCP/IP protocols: HTTP, HTTPS, and FTP. A code issue vulnerability exists in GNU Wget that stems from an application using Wget to access...
CVE-2024-10524 GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host...