Information on source package wget

Available versions

ReleaseVersion
jessie1.16-1+deb8u4
jessie (security)1.16-1+deb8u5
stretch1.18-5+deb9u1
stretch (security)1.18-5+deb9u2
buster1.19.5-1
sid1.19.5-1

Open issues

BugjessiestretchbustersidDescription
CVE-2016-7098vulnerable (no DSA)fixedfixedfixedRace condition in wget 1.17 and earlier, when used in recursive or ...

Resolved issues

BugDescription
CVE-2018-0494GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in ...
CVE-2017-6508CRLF injection vulnerability in the url_parse function in url.c in Wget ...
CVE-2017-13090The retr.c:fd_read_body() function is called when processing OK ...
CVE-2017-13089The http.c:skip_short_body() function is called in some circumstances, ...
CVE-2016-4971GNU wget before 1.18 allows remote servers to write to arbitrary files ...
CVE-2014-4877Absolute path traversal vulnerability in GNU Wget before 1.16, when ...
CVE-2010-2252GNU Wget 1.12 and earlier uses a server-provided filename instead of ...
CVE-2009-3490GNU Wget before 1.12 does not properly handle a '\0' character in a ...
CVE-2006-6719The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) ...
CVE-2005-3185Stack-based buffer overflow in the ntlm_output function in http-ntlm.c ...
CVE-2004-2014Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via ...
CVE-2004-1488wget 1.8.x and 1.9.x does not filter or quote control characters when ...
CVE-2004-1487wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite ...
CVE-2002-1565Buffer overflow in url_filename function for wget 1.8.1 allows ...
CVE-2002-1344Directory traversal vulnerability in wget before 1.8.2-4 allows a ...

Security announcements

DSA / DLADescription
DLA-1375-1wget - security update
DSA-4195-1wget - security update
DSA-4195-1wget - security update
DSA-4008-1wget - security update
DSA-4008-1wget - security update
DLA-1149-1wget - security update
DLA-851-1wget - security update
DLA-536-1wget - security update
DLA-82-1wget - security update
DSA-3062-1wget - security update
DSA-2088-1wget - potential code execution
DSA-1904-1wget - SSL certificate verification weakness
DSA-1904-1wget - SSL certificate verification weakness
DSA-209wget - directory traversal

Search for package or bug name: Reporting problems