Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|
CVE-2024-38428 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo ... |
CVE-2024-10524 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable | vulnerable | Applications that use Wget to access a remote resource using shorthand ... |
CVE-2021-31879 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | GNU Wget through 1.21.1 does not omit the Authorization header upon a ... |
Bug | Description |
---|
CVE-2019-5953 | Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers ... |
CVE-2018-20483 | set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's ... |
CVE-2018-0494 | GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in ... |
CVE-2017-13090 | The retr.c:fd_read_body() function is called when processing OK respon ... |
CVE-2017-13089 | The http.c:skip_short_body() function is called in some circumstances, ... |
CVE-2017-6508 | CRLF injection vulnerability in the url_parse function in url.c in Wge ... |
CVE-2016-7098 | Race condition in wget 1.17 and earlier, when used in recursive or mir ... |
CVE-2016-4971 | GNU wget before 1.18 allows remote servers to write to arbitrary files ... |
CVE-2014-4877 | Absolute path traversal vulnerability in GNU Wget before 1.16, when re ... |
CVE-2010-2252 | GNU Wget 1.12 and earlier uses a server-provided filename instead of t ... |
CVE-2009-3490 | GNU Wget before 1.12 does not properly handle a '\0' character in a do ... |
CVE-2006-6719 | The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) ... |
CVE-2005-3185 | Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ... |
CVE-2004-2014 | Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via ... |
CVE-2004-1488 | wget 1.8.x and 1.9.x does not filter or quote control characters when ... |
CVE-2004-1487 | wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite ... |
CVE-2002-1565 | Buffer overflow in url_filename function for wget 1.8.1 allows attacke ... |
CVE-2002-1344 | Directory traversal vulnerability in wget before 1.8.2-4 allows a remo ... |