Wget2
Monthly
GNU wget2 incorrectly validates TLS server certificates, accepting certificates with improper Key Usage (KU) or Extended Key Usage (EKU) attributes. This allows attackers who have compromised certificates issued for non-server purposes to impersonate legitimate servers in TLS connections, enabling man-in-the-middle attacks that leak sensitive information such as authentication credentials or request/response data.
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. [CVSS 7.6 HIGH]
A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. [CVSS 8.8 HIGH]
GNU wget2 incorrectly validates TLS server certificates, accepting certificates with improper Key Usage (KU) or Extended Key Usage (EKU) attributes. This allows attackers who have compromised certificates issued for non-server purposes to impersonate legitimate servers in TLS connections, enabling man-in-the-middle attacks that leak sensitive information such as authentication credentials or request/response data.
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. [CVSS 7.6 HIGH]
A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. [CVSS 8.8 HIGH]