CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-03-07T08:39:00
Updated: 2024-08-05T15:33:20.455Z
Reserved: 2017-03-07T00:00:00
Link: CVE-2017-6508
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-03-07T08:59:00.167
Modified: 2024-11-21T03:29:55.190
Link: CVE-2017-6508
Redhat