Wget
Products
1- 7 CVEs
Recent CVEs
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-13090 | | High | 0.60 | 8.8 | 0.37 | | Oct 27, 2017 | The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries… |
| CVE-2004-1488 | | | 0.04 | — | 0.12 | | Apr 27, 2005 | wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. |
| CVE-2004-2014 | | | 0.03 | — | 0.01 | | Dec 31, 2004 | Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. |
| CVE-2005-3185 | | | 0.00 | — | 0.05 | | Oct 13, 2005 | Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username. |
| CVE-2004-1487 | | | 0.00 | — | 0.02 | | Apr 27, 2005 | wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences. |
| CVE-2002-1565 | | | 0.00 | — | 0.03 | | Jun 16, 2003 | Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL. |
| CVE-1999-0402 | | | 0.00 | — | 0.01 | | Jan 2, 1999 | wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. |