Lucene search
HistoryJun 16, 2024 - 3:15 a.m.
CVE-2024-38428
gnu wget
1.24.5
url
userinfo subcomponent
insecure behavior
0.0004 Low
EPSS
Percentile
9.2%
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
Related
ubuntucve
ubuntucve
CVE-2024-38428
2024-06-16 00:00:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : Wget vulnerability (USN-6852-2)
2024-06-27 00:00:00
SUSE SLES12 Security Update : wget (SUSE-SU-2024:2154-1)
2024-06-22 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0240)
2024-06-28 00:00:00
Ubuntu: Security Advisory (USN-6852-1)
2024-06-27 00:00:00
Ubuntu: Security Advisory (USN-6852-2)
2024-06-28 00:00:00
debiancve
debiancve
CVE-2024-38428
2024-06-16 03:15:08
osv
osv
wget vulnerability
2024-06-27 10:42:13
wget vulnerability
2024-06-26 12:20:33
redhatcve
redhatcve
CVE-2024-38428
2024-06-18 05:07:17
cvelist
cvelist
CVE-2024-38428
2024-06-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-38428 affecting package wget for versions less than 1.21.2-3
2024-06-28 17:07:09
ubuntu
ubuntu
Wget vulnerability
2024-06-26 00:00:00
Wget vulnerability
2024-06-27 00:00:00
redos
redos
ROS-20240619-03
2024-06-19 00:00:00
cve
cve
CVE-2024-38428
2024-06-16 03:15:08
mageia
mageia
Updated wget packages fix security vulnerability
2024-06-27 20:12:06