INFSA-2024:6192: Wget security update
Information about definition
Identificator: INFSA-2024:6192
Type: security
Release date: 2024-12-26 14:20:11 UTC
Information about package
The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols.
Vulnerabilities description
- CVE-2024-38428
A flaw was found in wget. Incorrect handling of semicolons in the userinfo subcomponent of a URI allows it to be misinterpreted as part of the host subcomponent, potentially exposing user credentials.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-38428
|
no information | 5.5 | no information |
Updated packages