GNU Wget is vulnerable to arbitrary code execution. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit this flaw to potentially execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
wget | eq | 1.14__13.el7 | |
wget:3.4 | eq | 1.18-r1 | |
wget | eq | 1.14__13.el7 | |
wget:3.4 | eq | 1.18-r1 |
git.savannah.gnu.org/cgit/wget.git/commit/?id=ba6b44f6745b14dce414761a8e4b35d31b176bba
www.debian.org/security/2017/dsa-4008
www.securityfocus.com/bid/101590
www.securitytracker.com/id/1039661
access.redhat.com/errata/RHSA-2017:3075
access.redhat.com/security/updates/classification/#important
security.gentoo.org/glsa/201711-06
www.synology.com/support/security/Synology_SA_17_62_Wget
www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2017/haavoittuvuus-2017-037.html