CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CloudLinux•added 2025/08/28 7:38 p.m.•3 views

wget: Fix of CVE-2024-38428

CVE-2024-38428: fix mishandle semicolons in userinfo subcomponent of URI to prevent insecure behavior...

OpenVAS•added 2024/10/28 12:0 a.m.•4 views

Huawei EulerOS: Security Advisory for wget (EulerOS-SA-2024-2697)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.5AI score0.00197EPSS

Tenable Nessus•added 2024/10/27 12:0 a.m.•12 views

EulerOS Virtualization 2.12.0 : wget (EulerOS-SA-2024-2780)

According to the versions of the wget package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior ...

9.1CVSS7AI score0.00197EPSS

F5 Networks•added 2024/10/16 4:9 p.m.•18 views

K000141479: Wget vulnerability CVE-2024-38428

Security Advisory Description url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

Tenable Nessus•added 2024/10/09 12:0 a.m.•17 views

EulerOS 2.0 SP12 : wget (EulerOS-SA-2024-2543)

According to the versions of the wget package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data...

Tenable Nessus•added 2024/10/09 12:0 a.m.•17 views

EulerOS 2.0 SP12 : wget (EulerOS-SA-2024-2518)

Rosalinux•added 2024/10/03 10:28 p.m.•18 views

Advisory ROSA-SA-2024-2503

Software: wget 1.19.5 OS: ROSA Virtualization 2.1 packageevrstring: wget-1.19.5-12.rv3 CVE-ID: CVE-2024-38428 BDU-ID: 2024-04683 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the userinfo URI component of the GNU Wget download manager is related to insecure behavior in which data that should hav...

9.1CVSS6.9AI score0.00197EPSS

Tenable Nessus•added 2024/09/12 12:0 a.m.•13 views

EulerOS 2.0 SP10 : wget (EulerOS-SA-2024-2430)

Tenable Nessus•added 2024/09/12 12:0 a.m.•8 views

EulerOS 2.0 SP9 : wget (EulerOS-SA-2024-2407)

Tenable Nessus•added 2024/07/22 12:0 a.m.•21 views

Amazon Linux 2023 : wget (ALAS2023-2024-657)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-657 advisory. url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent i...

9.1CVSS7AI score0.00197EPSS

Tenable Nessus•added 2024/07/03 12:0 a.m.•22 views

CBL Mariner 2.0 Security Update: wget (CVE-2024-38428)

The version of wget installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38428 advisory. - url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there M...

9.1CVSS7AI score0.00197EPSS

OpenVAS•added 2024/06/28 12:0 a.m.•23 views

Mageia: Security Advisory (MGASA-2024-0240)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.3AI score0.00197EPSS

OSV•added 2024/06/16 3:15 a.m.•18 views

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

9.1CVSS6.5AI score

NVD•added 2024/06/16 3:15 a.m.•25 views

CVE-2024-38428

9.1CVSS0.00197EPSS

UbuntuCve•added 2024/06/16 3:15 a.m.•37 views

CVE-2024-38428

9.1CVSS6.8AI score0.00197EPSS

OSV•added 2024/06/16 3:15 a.m.•0 views

UBUNTU-CVE-2024-38428

9.1CVSS6.8AI score0.00197EPSS

Exploits0References5

Vulnrichment•added 2024/06/16 12:0 a.m.•31 views

CVE-2024-38428

6.5AI score0.00197EPSS

Debian CVE•added 2024/06/16 12:0 a.m.•55 views

CVE-2024-38428

9.1CVSS6.8AI score0.00197EPSS

CNNVD•added 2024/06/16 12:0 a.m.•1 views

GNU Wget Security Vulnerability

GNU Wget is a suite of free software from the US GNU community for making downloads over the network, which supports downloads over the three most common TCP/IP protocols, HTTP, HTTPS, and FTP. A security vulnerability exists in GNU Wget version 1.24.5, which stems from url.c incorrectly handling...

9.1CVSS6.5AI score0.00197EPSS