Gnu Project Wget vulnerabilities
2 known vulnerabilities affecting gnu_project/wget.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-13090HIGHCVSS 8.8vprior to 1.19.22017-10-27
CVE-2017-13090 [HIGH] CWE-122 CVE-2017-13090: The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent
The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but end
cvelistv5nvd
CVE-2017-13089HIGHCVSS 8.8vprior to 1.19.22017-10-27
CVE-2017-13089 [HIGH] CWE-121 CVE-2017-13089: The http.c:skip_short_body() function is called in some circumstances, such as when processing redir
The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by
cvelistv5nvd