CVE
CVE-2024-38428
| CVE ID |
CVE-2024-38428
|
|---|---|
| CVSS Score |
9.1
|
| Operating System | |
| Affected Versions |
CentOS 7
|
| Patched Versions |
1.14-18_ol001.el7.1
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.