Medium severity6.5NVD Advisory· Published Nov 19, 2024· Updated Apr 15, 2026
CVE-2024-10524
CVE-2024-10524
Description
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords9 versionspkg:rpm/opensuse/wget&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/wget&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/wget&distro=openSUSE%20Tumbleweedpkg:rpm/suse/wget&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/wget&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/wget&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/wget&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/wget&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/wget&distro=SUSE%20Linux%20Micro%206.1
< 1.20.3-150000.3.26.1+ 8 more
- (no CPE)range: < 1.20.3-150000.3.26.1
- (no CPE)range: < 1.20.3-150600.19.9.1
- (no CPE)range: < 1.25.0-1.1
- (no CPE)range: < 1.20.3-150000.3.26.1
- (no CPE)range: < 1.20.3-150000.3.26.1
- (no CPE)range: < 1.20.3-150600.19.9.1
- (no CPE)range: < 1.14-21.25.1
- (no CPE)range: < 1.24.5-2.1
- (no CPE)range: < 1.24.5-slfo.1.1_2.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.