rpm package
suse/wget&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/wget&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-10524 | Med | 6.5 | < 1.14-21.25.1 | 1.14-21.25.1 | Nov 19, 2024 | Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host. | |
| CVE-2021-31879 | — | < 1.14-21.22.1 | 1.14-21.22.1 | Apr 29, 2021 | GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. |
- affected < 1.14-21.25.1fixed 1.14-21.25.1
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.
- CVE-2021-31879Apr 29, 2021affected < 1.14-21.22.1fixed 1.14-21.22.1
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.