19 matches found
CVE-2019-5953
CVE-2019-5953 describes a buffer overflow in GNU Wget (affected versions 1.20.1 and earlier) that could allow a remote attacker to cause a DoS or potentially execute arbitrary code via unspecified vectors. Public sources in connected documents point to a heap-based/buffer overflow in wget’s input...
CVE-2024-38428
CVE-2024-38428 affects GNU Wget up to 1.24.5 and is caused by improper handling of semicolons in the userinfo subcomponent of a URI: data that belongs to userinfo can be misinterpreted as part of the host, so the request may be sent to a host the user did not intend. The connected documents confirm multiple advisories (Brocade SANnav/SANnav v2.x...
CVE-2016-4971
CVE-2016-4971 affects GNU Wget prior to 1.18. The issue occurs when following an HTTP redirect to an FTP resource: the filename provided by the server is trusted, which can cause wget to overwrite a local file with a name from the redirected resource. This could potentially allow arbitrary file o...
CVE-2018-0494
CVE-2018-0494 affects GNU Wget prior to 1.19.5. The vulnerability is due to cookie handling in the resp_new function in http.c that can be abused via a CRLF sequence in a continuation line, enabling cookie injection. Exploitation details are not provided in the sources; some advisories state the ...
CVE-2018-20483
CVE-2018-20483 affects GNU Wget prior to 1.20.1, where set_file_metadata in xattr.c stores the file’s origin URL (and Referer info) in user.xdg.origin.url / user.xdg.referrer.url extended attributes. Local users could read these attributes and obtain sensitive information (e.g., credentials in th...
CVE-2021-31879
CVE-2021-31879: GNU Wget does not omit the Authorization header when a redirect points to a different origin, so credentials sent to the first host are replayed to the redirect target. Public details show: upstream GNU Wget up to 1.21.1 is vulnerable; Alpine Linux advisories indicate wget older than 1.21.2-1 are affected and that upgrading resolves the issue; other e...
CVE-2017-6508
CVE-2017-6508 is a CRLF injection flaw in the url_parse function of Wget’s url.c (affecting Wget up to version 1.19.1). A remote attacker could inject arbitrary HTTP headers via CRLF sequences in the host portion of a URL, potentially influencing requests. Exploitation details are described in mu...
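Three of the entries above (CVE-2024-38428, CVE-2021-31879 and CVE-2017-6508) come down to how a client splits a URL into scheme, userinfo, host and port and what it then does with the result. The following is an added example, not wget's code and not taken from any of the advisories: a small RFC 3986 authority parser that ends userinfo at the last "@" inside the authority (so a ";" in userinfo cannot terminate it), rejects control bytes such as CR and LF in the host, and a helper that only lets an Authorization header follow a redirect when scheme, host and effective port all match. The function names, the struct layout, the default-port table and the choice to treat any parse failure as "do not forward" are assumptions made for this example; IPv6 bracket literals are deliberately not handled.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical structure for this example; wget's url.c uses its own types. */
typedef struct {
    char scheme[16];
    char userinfo[256];
    char host[256];
    int  port;          /* -1 when the URL carries no explicit port */
} url_parts;

static bool copy_n(char *dst, size_t cap, const char *src, size_t n)
{
    if (n >= cap) return false;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return true;
}

/* Parse scheme://[userinfo@]host[:port]... following RFC 3986 section 3.2:
 * the authority ends at the first "/", "?" or "#"; userinfo is everything
 * before the LAST "@" inside the authority (";" is a legal sub-delimiter
 * there and must not end it); the host may not contain control bytes. */
static bool parse_url(const char *url, url_parts *u)
{
    const char *sep = strstr(url, "://");
    memset(u, 0, sizeof *u);
    u->port = -1;
    if (!sep || !copy_n(u->scheme, sizeof u->scheme, url, (size_t)(sep - url)))
        return false;
    for (char *s = u->scheme; *s; s++) *s = (char)tolower((unsigned char)*s);

    const char *auth = sep + 3;
    const char *end = auth + strcspn(auth, "/?#");
    const char *host = auth, *at = NULL;
    for (const char *p = auth; p < end; p++)
        if (*p == '@') at = p;                      /* keep the last "@" */
    if (at) {
        if (!copy_n(u->userinfo, sizeof u->userinfo, auth, (size_t)(at - auth)))
            return false;
        host = at + 1;
    }
    /* Port: ":" followed only by digits up to the end of the authority. */
    const char *colon = memchr(host, ':', (size_t)(end - host));
    if (colon) {
        int port = 0;
        if (colon + 1 == end) return false;
        for (const char *p = colon + 1; p < end; p++) {
            if (!isdigit((unsigned char)*p)) return false;
            port = port * 10 + (*p - '0');
            if (port > 65535) return false;
        }
        u->port = port;
        end = colon;
    }
    if (end == host || (size_t)(end - host) >= sizeof u->host) return false;
    for (const char *p = host; p < end; p++) {
        unsigned char c = (unsigned char)*p;
        if (c < 0x20 || c == 0x7f) return false;    /* CR, LF, other controls */
        u->host[p - host] = (char)tolower(c);
    }
    return true;
}

/* Default ports assumed for this example. */
static int default_port(const char *scheme)
{
    if (strcmp(scheme, "http") == 0)  return 80;
    if (strcmp(scheme, "https") == 0) return 443;
    if (strcmp(scheme, "ftp") == 0)   return 21;
    return -1;
}

static int effective_port(const url_parts *u)
{
    return u->port >= 0 ? u->port : default_port(u->scheme);
}

/* Forward an Authorization header from `from` to the redirect target `to`
 * only when both are the same origin; any parse failure means "do not". */
static bool may_forward_authorization(const char *from, const char *to)
{
    url_parts a, b;
    if (!parse_url(from, &a) || !parse_url(to, &b)) return false;
    return strcmp(a.scheme, b.scheme) == 0 &&
           strcmp(a.host, b.host) == 0 &&
           effective_port(&a) == effective_port(&b);
}

/* Helpers so results can be checked without touching the struct directly. */
static bool check_parse(const char *url, const char *userinfo, const char *host, int port)
{
    url_parts u;
    return parse_url(url, &u) && strcmp(u.userinfo, userinfo) == 0 &&
           strcmp(u.host, host) == 0 && u.port == port;
}

static bool parses_ok(const char *url) { url_parts u; return parse_url(url, &u); }

int main(void)
{
    /* Constructed inputs for the demo. */
    printf("userinfo with ';' parsed correctly: %d\n",
           check_parse("http://user;pw@Host.Example:8080/path", "user;pw", "host.example", 8080));
    printf("CRLF in host rejected: %d\n", !parses_ok("http://host.example\r\nX-Injected/"));
    printf("forward to same origin: %d\n",
           may_forward_authorization("https://a.example/login", "https://a.example:443/next"));
    printf("forward across scheme change: %d\n",
           may_forward_authorization("https://a.example/login", "http://a.example/next"));
    return 0;
}
```

The "last @" rule is what makes a ";" harmless: the authority is cut at "/", "?" or "#" first, and only then is the userinfo/host boundary located, so nothing a userinfo may legally contain can move the host boundary. The control-byte check is the cheapest place to stop header injection, because a host that can never hold CR or LF can never be spliced into a request line or Host header as extra lines.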
CVE-2017-13089
Summary: CVE-2017-13089 affects wget prior to 1.19.2. The issue is a stack-based buffer overflow in http.c:skip_short_body(), the routine that discards the body of a chunked HTTP response (for example while following a redirect): chunk lengths are parsed with strtol() without enforcing non-negativity, a negative length survives the MIN() that is meant to cap each read at the 512-byte stack buffer, and once truncated to fd_read()'s int parameter it becomes an attacker-controlled length. A rel...
CVE-2017-13090
The connected documents confirm CVE-2017-13090 affects wget prior to 1.19.2, due to chunked HTTP processing in retr.c:fd_read_body(). The chunk parser uses strtol() to read chunk lengths but does not validate non-negativity; the MIN() used to bound each read does not catch a negative value, so the negative length is passed to fd_read()...
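CVE-2017-13089 and CVE-2017-13090 share one root cause, a chunk-size parser that accepts a sign, so one example covers both. What follows is an added illustration written for this page, reconstructed from the advisory descriptions above; it is not wget's source. It shows the vulnerable pattern (strtol-style parsing, MIN() against a 512-byte buffer, implicit conversion to int) next to a hardened parser that decodes hex digits by hand, refuses overflow, requires RFC 7230 chunk-size syntax and applies a size limit. The function names, the 512-byte buffer size taken from the advisories, and the MAX_CHUNK_SIZE limit are assumptions; strtoll() stands in for strtol() so the 64-bit intermediate is the same on every platform.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MIN(a, b) ((a) < (b) ? (a) : (b))
#define SKIP_BUF_SIZE 512             /* stack buffer the chunk is skipped through (per advisories) */
#define MAX_CHUNK_SIZE (1ull << 30)   /* policy limit for the hardened parser (assumption) */

/* Vulnerable pattern (reconstructed, not wget's code): a strtol()-style parse
 * accepts a leading '-' and returns a negative chunk length unchallenged. */
static int64_t parse_chunk_len_vulnerable(const char *line)
{
    return (int64_t)strtoll(line, NULL, 16);
}

/* The length that would reach fd_read(): MIN() keeps a negative value because
 * it is smaller than 512, and the conversion to fd_read()'s int parameter keeps
 * only the low 32 bits. The uint32_t step makes that truncation well-defined
 * C instead of relying on implementation behaviour. */
static int vulnerable_read_len(const char *chunk_line)
{
    int64_t remaining = parse_chunk_len_vulnerable(chunk_line);
    int64_t to_read = MIN(remaining, (int64_t)SKIP_BUF_SIZE);
    return (int)(uint32_t)to_read;
}

/* Hardened parser: hand-decode hex digits so a sign can never be accepted,
 * refuse overflow, require chunk-ext or line end after the digits, and apply
 * a sanity limit. Returns false on any violation. */
static bool parse_chunk_len_safe(const char *line, size_t *out)
{
    uint64_t val = 0;
    size_t ndigits = 0;
    const char *p = line;

    for (;; p++) {
        int d;
        if (*p >= '0' && *p <= '9')      d = *p - '0';
        else if (*p >= 'a' && *p <= 'f') d = *p - 'a' + 10;
        else if (*p >= 'A' && *p <= 'F') d = *p - 'A' + 10;
        else break;
        if (val > (UINT64_MAX >> 4)) return false;  /* next shift would overflow */
        val = (val << 4) | (uint64_t)d;
        ndigits++;
    }
    if (ndigits == 0) return false;   /* empty, "-...", whitespace, garbage */
    if (*p != ';' && *p != '\r' && *p != '\n' && *p != '\0') return false;
    if (val > MAX_CHUNK_SIZE) return false;
    *out = (size_t)val;
    return true;
}

/* Convenience wrapper: -1 when the hardened parser rejects the line. */
static long long safe_len_or_minus1(const char *line)
{
    size_t n;
    return parse_chunk_len_safe(line, &n) ? (long long)n : -1;
}

int main(void)
{
    /* Constructed chunk-size lines; "-fffff000" is the interesting one:
     * -0xfffff000 is below 512, so MIN() passes it through, and its low
     * 32 bits are 0x1000 = 4096, eight times the 512-byte buffer. */
    const char *lines[] = { "100", "1000;ext=1", "-fffff000", "ffffffffffffffffff" };
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++)
        printf("%-20s vulnerable fd_read len=%d   hardened=%lld\n",
               lines[i], vulnerable_read_len(lines[i]), safe_len_or_minus1(lines[i]));
    return 0;
}
```

The point the example makes is that checking "is the value below the buffer size" with MIN() is not a bounds check when the value is signed: any negative number passes, and the later narrowing to int turns it into whatever the attacker wrote in the low 32 bits. Parsing into an unsigned type with an explicit digit loop removes the sign at the source rather than trying to catch it afterwards.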
CVE-2014-4877
Consolidated details for CVE-2014-4877: GNU Wget before 1.16 is vulnerable when recursion is enabled. A crafted LIST response from a remote FTP server can cause Wget to write to arbitrary files and, consequently, execute arbitrary code due to a symlink-related directory listing that references th...
CVE-2010-2252
CVE-2010-2252 affects GNU Wget 1.12 and earlier, where a 3xx redirect process can cause a server-provided filename to be used for destination files, potentially leading to arbitrary file writes or code execution via dotfiles in a home directory. Connected docs confirm affected package versions an...
CVE-2016-7098
CVE-2016-7098 affects GNU Wget 1.17 and earlier. A race condition in recursive/mirroring mode can allow remote servers to bypass access-list restrictions by keeping an HTTP connection open. Public evidence includes exploit-db entries for GNU Wget
CVE-2009-3490
CVE-2009-3490 : GNU Wget
CVE-2002-1344
CVE-2002-1344 affects wget prior to 1.8.2-4 and is confirmed across multiple disclosures. The vulnerability is a directory-traversal flaw that allows a malicious FTP server to create or overwrite files as the wget user by using filenames containing /absolute/path or .. sequences. Public documenta...
CVE-2004-1487
CVE-2004-1487 affects wget 1.8.x and 1.9.x, where a remote server can cause overwriting of local files via a redirect URL containing ".." that resolves to the attacker’s IP, bypassing wget’s ".." filtering. Connected docs confirm this as a vulnerability in redirection URL handling and indicate up...
CVE-2004-1488
CVE-2004-1488 affects wget 1.8.x and 1.9.x, where control characters in HTTP responses were not filtered/quoted when displayed in the terminal. This allowed remote attackers (malicious web servers) to inject terminal escape sequences that could lead to arbitrary code execution in interactive sess...
CVE-2004-2014
CVE-2004-2014 affects wget 1.9 and 1.9.1, where a local user can overwrite arbitrary files via a symlink attack on the target filename during download. The underlying cause is a race condition between the check for the output file and its creation, during which a symlink can be planted, so writes land on any file the wget user has access to. Remediatio...
CVE-2006-6719
CVE-2006-6719 affects FSF GNU wget 1.10.2; the ftp_syst function in ftp-basic.c can be triggered by a malicious FTP server sending a flood of blank 220 responses to SYST, causing a denial-of-service (application crash). Exploitation is remote via the FTP server. Remediation is to update to patche...
CVE-1999-0402
CVE-1999-0402 affects wget 1.5.3, where the tool follows symlinks and changes permissions of the target file (not the symlink). The Red Hat, SUSE, and PT-Software entries corroborate the same description. The root cause is wget’s behavior when handling symlinks, leading to potential unintended pe...