« List of all CVEs

CVE-2017-6508

Published: 3/7/2017 Last updated: 8/5/2024 Reserved: 3/7/2017

CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-wget

Products affected (1)

Product Vendor Version
n/a n/a < 5612287991debe310c914600599bd59511ababfb

References (8)