Description
Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.
References (6)
Core 6
Core References
Product x_refsource_misc
https://www.gnu.org/software/wget/
Third Party Advisory x_refsource_misc
http://jvn.jp/en/jp/JVN25261088/index.html
Vendor Advisory x_refsource_confirm
https://support.f5.com/csp/article/K14560101
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201908-19
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2979
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:3168
Scores
CVSS v3
9.8
EPSS
0.0153
EPSS Percentile
81.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (1)
gnu/wget
< 1.20.1
Published
May 17, 2019
Tracked Since
Feb 18, 2026