Your submission was sent successfully! Close

CVE-2016-7098

Published: 26 September 2016

Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.

Priority

Low

CVSS 3 base score: 8.1

Status

Package Release Status
wget
Launchpad, Ubuntu, Debian
artful
Released (1.19.1-3ubuntu1.1)
precise
Released (1.13.4-2ubuntu1.5)
trusty
Released (1.15-1ubuntu1.14.04.3)
upstream Needs triage

xenial
Released (1.17.1-1ubuntu1.3)
yakkety Ignored
(reached end-of-life)
zesty
Released (1.18-2ubuntu1.1)