Mageia 9: 2024-0240 Moderate: Wget URL Userinfo Handling Issue

mageia

June 27, 2024

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the u...

Summary

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. (CVE-2024-38428)

References

- https://bugs.mageia.org/show_bug.cgi?id=33327

- https://lists.suse.com/pipermail/sle-updates/2024-June/035703.html

- https://www.cve.org/CVERecord?id=CVE-2024-38428

Topics Covered

security advisory moderate Mageia userinfo handling data misinterpretation

Resolution

SRPMS

- 9/core/wget-1.21.4-1.1.mga9

Publication date: 27 Jun 2024

URL: https://advisories.mageia.org/MGASA-2024-0240.html

Type: security

CVE: CVE-2024-38428

Topics Covered

security advisory moderate Mageia userinfo handling data misinterpretation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 9: 2024-0240 Moderate: Wget URL Userinfo Handling Issue

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 9: 2024-0240 Moderate: Wget URL Userinfo Handling Issue

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!