wget
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Network utility to retrieve files from the Web |
| Version | 1.24.5-1 [extra] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1892 | 1.21.3-1 | Medium | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-31879 | AVG-1892 | Medium | Yes | Information disclosure | A flaw was found in wget. If wget sends an Authorization header as part of a query and receives an HTTP REDIRECT to a third party in return, the... |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-473 | 1.19.1-2 | 1.19.2-1 | Critical | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2017-13090 | AVG-473 | Critical | Yes | Arbitrary code execution | A heap-based buffer overflow has been found in the HTTP protocol handling code of wget < 1.19.2, when processing chunked encoded HTTP responses. By tricking... |
| CVE-2017-13089 | AVG-473 | Critical | Yes | Arbitrary code execution | A stack-based buffer overflow has been found in the HTTP protocol handling code of wget < 1.19.2, when processing chunked, encoded HTTP responses. By... |
| CVE-2017-6508 | AVG-473 | Medium | Yes | Content spoofing | A CRLF injection flaw was found in the way wget < 1.19.2 handled URLs. A remote attacker could use this flaw to inject arbitrary HTTP headers in requests,... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 29 Oct 2017 | ASA-201710-34 | AVG-473 | Critical | multiple issues |