HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2016-7098

CVSS 8.1v3.0pub. 2016-09-26upd. 2026-05-06

Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.

CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Gnu Wget

    APP
    Gnu
    ≤ 1.17
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Race Condition
CWE
References

Related vulnerabilities

CVE-2024-38428CRITICAL9.1PL ✓ten sam produkt

GNU Wget — błędna interpretacja średnika w sekcji userinfo URI

CVE-2019-5953CRITICAL9.8ten sam produkt

Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or m...

CVE-2018-20483HIGH7.8ten sam produkt

set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url m...

CVE-2017-13089HIGH8.8ten sam produkt

The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When...

CVE-2017-13090HIGH8.8ten sam produkt

The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked i...