CVE-2018-0494

描述

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.

受影響套件(4)

• Alpine/wgetfrom 0, < 1.19.5-r0
• Debian/wgetfrom 0, < 1.19.5-1
• Debian/wgetfrom 0, < 1.13.4-3+deb7u6
• Debian/wgetfrom 0, < 1.16-1+deb8u5

CVSS 分數

參考連結(2)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2018-0494
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2018-0494