wget

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Network utility to retrieve files from the Web
Version 1.20.1-3 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-473 1.19.1-2 1.19.2-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2017-6508 AVG-473 Medium Yes Content spoofing
A CRLF injection flaw was found in the way wget < 1.19.2 handled URLs. A remote attacker could use this flaw to inject arbitrary HTTP headers in requests,...
CVE-2017-13090 AVG-473 Critical Yes Arbitrary code execution
A heap-based buffer overflow has been found in the HTTP protocol handling code of wget < 1.19.2, when processing chunked encoded HTTP responses. By tricking...
CVE-2017-13089 AVG-473 Critical Yes Arbitrary code execution
A stack-based buffer overflow has been found in the HTTP protocol handling code of wget < 1.19.2, when processing chunked, encoded HTTP responses. By...

Advisories

Date Advisory Group Severity Description
29 Oct 2017 ASA-201710-34 AVG-473 Critical multiple issues