CVE-2018-20483
HIGHGNU Wget < 1.20.1 - Sensitive Information Exposure via Extended File Attributes
Title source: llmDescription
set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.
References (7)
Core 7
Core References
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190321-0002/
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:3701
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201903-08
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106358
Exploit, Third Party Advisory x_refsource_misc
https://twitter.com/marcan42/status/1077676739877232640
Release Notes, Third Party Advisory x_refsource_misc
http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3943-1/
Scores
CVSS v3
7.8
EPSS
0.0004
EPSS Percentile
13.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-200
Status
published
Products (1)
gnu/wget
< 1.20.1
Published
Dec 26, 2018
Tracked Since
Feb 18, 2026