CVE-2017-6508

Опубликовано: 07 мар. 2017

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.1

Описание

CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.

Релиз	Статус	Примечание
artful	released	1.19.1-3ubuntu1.1
devel	released	1.19.1-3ubuntu1.1
esm-infra-legacy/trusty	released	1.15-1ubuntu1.14.04.3
esm-infra/xenial	released	1.17.1-1ubuntu1.3
precise	ignored	end of life
precise/esm	not-affected	1.13.4-2ubuntu1.5
trusty	released	1.15-1ubuntu1.14.04.3
trusty/esm	released	1.15-1ubuntu1.14.04.3
upstream	needed
vivid/stable-phone-overlay	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 40%

0.00186

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2017-6508

CVSS3: 5.3

redhat

почти 9 лет назад

CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.

CVE-2017-6508

CVSS3: 6.1

nvd

почти 9 лет назад

CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.

CVE-2017-6508

CVSS3: 6.1

debian

почти 9 лет назад

CRLF injection vulnerability in the url_parse function in url.c in Wge ...

openSUSE-SU-2017:0890-1

suse-cvrf

почти 9 лет назад

Security update for wget

SUSE-SU-2017:0800-1

suse-cvrf

почти 9 лет назад

Security update for wget

EPSS

Процентиль: 40%

0.00186

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2017-6508

Описание

Пакет wget

Ссылки на источники

Связанные уязвимости