url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 28 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:gnu:wget:-:*:*:*:*:*:*:* | |
Metrics |
ssvc
|
Fri, 06 Sep 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:9.2 |
|
Vendors & Products |
Redhat rhel Eus
|
Fri, 16 Aug 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat enterprise Linux
|
|
CPEs | cpe:/a:redhat:enterprise_linux:8 | |
Vendors & Products |
Redhat enterprise Linux
|
Thu, 08 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Gnu
Gnu wget |
|
Weaknesses | CWE-436 | |
CPEs | cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:* | |
Vendors & Products |
Gnu
Gnu wget |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
Tue, 06 Aug 2024 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat rhel Aus Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat
Redhat rhel Aus Redhat rhel E4s Redhat rhel Tus |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-06-16T00:00:00
Updated: 2024-11-15T13:08:17.232Z
Reserved: 2024-06-16T00:00:00
Link: CVE-2024-38428
Vulnrichment
Updated: 2024-11-15T13:08:17.232Z
NVD
Status : Modified
Published: 2024-06-16T03:15:08.430
Modified: 2024-11-21T09:25:48.560
Link: CVE-2024-38428
Redhat