Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 522
Alerts This Week
Warning Icon 1 522

Ubuntu 26.04 Wget Critical DoS & Code Exec Flaws USN-8543-1

ubuntu
Calendar Grey July 14, 2026
Dist Ubuntu Esm H88
Several security issues were fixed in Wget affecting multiple Ubuntu versions, including critical flaws that may allow remote code execution.
Several security issues were fixed in Wget.

Summary

Several security issues were fixed in Wget.

Software Description:

- wget: retrieves files from the web

Details:

It was discovered that Wget mishandled semicolons in the userinfo

subcomponent of a URL. A remote attacker could possibly use this issue

to trick a user into connecting to a different host than intended. This

issue only affected Ubuntu 14.04 LTS. (CVE-2024-38428)

It was discovered that Wget incorrectly handled Metalink documents

containing a whitespace-only URL. A remote attacker could possibly use

this issue to cause a denial of service. This issue only affected Ubuntu

18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu

26.04 LTS. (CVE-2026-58469)

It was discovered that Wget incorrectly handled Content-Range header

values, leading to an integer overflow. A remote attacker could

possibly use this issue to cause download desynchronization.

(CVE-2026-58470)

It was discovered that Wget incorrectly handled character set

conversion of server-suppl...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  wget                            1.25.0-2ubuntu4.2

Ubuntu 24.04 LTS
  wget                            1.21.4-1ubuntu4.3

Ubuntu 22.04 LTS
  wget                            1.21.2-2ubuntu1.3

Ubuntu 20.04 LTS
  wget                            1.20.3-1ubuntu2.1+esm2
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  wget                            1.19.4-1ubuntu2.2+esm3
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  wget                            1.17.1-1ubuntu1.5+esm3
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  wget                            1.15-1ubuntu1.14.04.5+esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8543-1

CVE-2024-38428, CVE-2026-58469, CVE-2026-58470, CVE-2026-58471,

CVE-2026-58472

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8543-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.