wget

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Network utility to retrieve files from the Web
Version 1.21.2-1 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-1892 1.21.2-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-31879 AVG-1892 Medium Yes Information disclosure
GNU Wget does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.

Resolved

Group Affected Fixed Severity Status Ticket
AVG-473 1.19.1-2 1.19.2-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2017-13090 AVG-473 Critical Yes Arbitrary code execution
A heap-based buffer overflow has been found in the HTTP protocol handling code of wget < 1.19.2, when processing chunked encoded HTTP responses. By tricking...
CVE-2017-13089 AVG-473 Critical Yes Arbitrary code execution
A stack-based buffer overflow has been found in the HTTP protocol handling code of wget < 1.19.2, when processing chunked, encoded HTTP responses. By...
CVE-2017-6508 AVG-473 Medium Yes Content spoofing
A CRLF injection flaw was found in the way wget < 1.19.2 handled URLs. A remote attacker could use this flaw to inject arbitrary HTTP headers in requests,...

Advisories

Date Advisory Group Severity Type
29 Oct 2017 ASA-201710-34 AVG-473 Critical multiple issues