VulnerableCode Package Details - pkg:deb/debian/wget@1.21.3-1

Search for packages

Package details: pkg:deb/debian/wget@1.21.3-1

Essentials
History (4)

purl	pkg:deb/debian/wget@1.21.3-1
Tags	Ghost

Next non-vulnerable version	1.25.0-2
Latest non-vulnerable version	1.25.0-2
Risk	4.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-xzny-z3mh-aaan Aliases: CVE-2024-38428	url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.	1.21.3-1+deb12u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.24.5-2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-xzny-z3mh-aaan
Aliases:
CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.

1.21.3-1+deb12u1
Affected by 1 other vulnerability.

1.24.5-2
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-02-22T00:15:16.473360+00:00	Debian Importer	Affected by	VCID-xzny-z3mh-aaan	https://security-tracker.debian.org/tracker/data/json	35.1.0
2024-11-24T11:27:44.447686+00:00	Debian Importer	Affected by	VCID-xzny-z3mh-aaan	https://security-tracker.debian.org/tracker/data/json	35.0.0
2024-10-11T07:15:15.385491+00:00	Debian Importer	Affected by	VCID-xzny-z3mh-aaan	https://security-tracker.debian.org/tracker/data/json	34.0.2
2024-09-25T21:12:02.690803+00:00	Debian Importer	Affected by	VCID-xzny-z3mh-aaan	https://security-tracker.debian.org/tracker/data/json	34.0.1