CVE-2018-0494

Опубликовано: 06 мая 2018

Источник: debian

EPSS Высокий

Описание

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.

Пакет	Статус	Версия исправления	Релиз	Тип
wget	fixed	1.19.5-1		package

https://lists.gnu.org/archive/html/bug-wget/2018-05/msg00020.html
https://savannah.gnu.org/bugs/?53763
https://git.savannah.gnu.org/cgit/wget.git/commit/?id=1fc9c95ec144499e69dc8ec76dbe07799d7d82cd
https://sintonen.fi/advisories/gnu-wget-cookie-injection.txt

EPSS

Процентиль: 99%

0.76826

Высокий

CVE-2018-0494

CVSS3: 6.5

ubuntu

больше 7 лет назад

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.

CVE-2018-0494

CVSS3: 7.1

redhat

больше 7 лет назад

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.

CVE-2018-0494

CVSS3: 6.5

nvd

больше 7 лет назад

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.

openSUSE-SU-2018:1383-1

suse-cvrf

больше 7 лет назад

Security update for wget

SUSE-SU-2018:1373-1

suse-cvrf

больше 7 лет назад

Security update for wget

EPSS

Процентиль: 99%

0.76826

Высокий