CVE-2018-0494
Description
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a sequence in a continuation line.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
70.791
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| retrieves files from the web (USN-3464-1) wget_1.17.1-1ubuntu1.4_amd64.deb | Linux |
| retrieves files from the web (USN-3464-1) wget_1.17.1-1ubuntu1.4_i386.deb | Linux |
| retrieves files from the web (USN-3464-1) wget_1.19.1-3ubuntu1.2_i386.deb | Linux |
| retrieves files from the web (USN-3464-1) wget_1.15-1ubuntu1.14.04.4_amd64.deb | Linux |
| retrieves files from the web (USN-3464-1) wget_1.15-1ubuntu1.14.04.4_i386.deb | Linux |
| retrieves files from the web (USN-3643-1) wget_1.17.1-1ubuntu1.4_i386.deb | Linux |
| retrieves files from the web (USN-3643-1) wget_1.17.1-1ubuntu1.4_amd64.deb | Linux |
| retrieves files from the web (USN-3643-1) wget_1.19.1-3ubuntu1.2_i386.deb | Linux |
| retrieves files from the web (USN-3643-1) wget_1.19.1-3ubuntu1.2_amd64.deb | Linux |
| retrieves files from the web (USN-3643-1) wget_1.19.4-1ubuntu2.1_i386.deb | Linux |
| retrieves files from the web (USN-3643-1) wget_1.19.4-1ubuntu2.1_amd64.deb | Linux |
| retrieves files from the web (USN-3643-1) wget_1.15-1ubuntu1.14.04.4_i386.deb | Linux |
| retrieves files from the web (USN-3643-1) wget_1.15-1ubuntu1.14.04.4_amd64.deb | Linux |
| wget security update(DSA-4195-1) wget_1.18-5+deb9u2_i386.deb | Linux |
| wget security update(DSA-4195-1) wget_1.18-5+deb9u2_amd64.deb | Linux |
| Wget security update (CESA-2017:3075) wget-1.14-18.el7.x86_64.rpm | Linux |
| SUSE-SU-2018:1367-1(SUSE Linux Enterprise Server 11-SP4 ) wget-1.11.4-1.41.3.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1373-1(SUSE Linux Enterprise Desktop 12-SP3 ) wget-1.14-21.7.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1373-1(SUSE Linux Enterprise Desktop 12-SP3 ) wget-debuginfo-1.14-21.7.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1373-1(SUSE Linux Enterprise Desktop 12-SP3 ) wget-debugsource-1.14-21.7.1.x86_64.rpm | Linux |
| Improper Input Validation Vulnerability (CVE-2018-0494) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234