wget-openssl1 (SUSE:Linux Enterprise Server 11-SECURITY) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 11-SECURITY package wget-openssl1, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2016-4971 — CVSS 8.8 (high): GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVE-2016-7098 — CVSS 8.1 (high): Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to…
CVE-2018-0494 — CVSS 6.5 (medium): GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a…
CVE-2017-6508 — CVSS 6.1 (medium): CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP…