cve/CVE-2024-38428.md at edc21dfd23c1fd07dfa20d053e3b92d875e0ab18

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.

POC

Reference

No PoCs from references.

Github

https://github.com/Dgporte/ExerciciosDockerPB2025
https://github.com/OzNetNerd/CheckovOutputProcessor
https://github.com/robertsirc/sle-bci-demo
https://github.com/runwhen-contrib/helm-charts
https://github.com/w4zu/Debian_security

1001 B Raw Blame History

CVE-2024-38428

Description

POC

Reference

Github

1001 B

Raw Blame History