OESA-2024-2497

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2497
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2024-2497.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2024-2497
Upstream
Published
2024-12-06T15:23:25Z
Modified
2025-08-12T05:40:52.114936Z
Summary
wget security update
Details

GNU Wget is a free software package for retrieving files using HTTP, HTTPS, FTP and FTPS the most widely-used Internet protocols. It is a non-interactive commandline tool, so it may easily be called from scripts, cron jobs, terminals without X-Windows support, etc.

Security Fix(es):

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.(CVE-2024-10524)

Database specific 
{
    "severity": "Medium"
}
References

Affected packages

openEuler:20.03-LTS-SP4

wget

Package

Name
wget
Purl
pkg:rpm/openEuler/wget&distro=openEuler-20.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.20.3-6.oe2003sp4

Ecosystem specific 

{
    "src": [
        "wget-1.20.3-6.oe2003sp4.src.rpm"
    ],
    "aarch64": [
        "wget-1.20.3-6.oe2003sp4.aarch64.rpm",
        "wget-debuginfo-1.20.3-6.oe2003sp4.aarch64.rpm",
        "wget-debugsource-1.20.3-6.oe2003sp4.aarch64.rpm",
        "wget-help-1.20.3-6.oe2003sp4.aarch64.rpm"
    ],
    "x86_64": [
        "wget-1.20.3-6.oe2003sp4.x86_64.rpm",
        "wget-debuginfo-1.20.3-6.oe2003sp4.x86_64.rpm",
        "wget-debugsource-1.20.3-6.oe2003sp4.x86_64.rpm",
        "wget-help-1.20.3-6.oe2003sp4.x86_64.rpm"
    ]
}

openEuler:22.03-LTS-SP1

wget

Package

Name
wget
Purl
pkg:rpm/openEuler/wget&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.21.2-6.oe2203sp1

Ecosystem specific 

{
    "src": [
        "wget-1.21.2-6.oe2203sp1.src.rpm"
    ],
    "aarch64": [
        "wget-1.21.2-6.oe2203sp1.aarch64.rpm",
        "wget-debuginfo-1.21.2-6.oe2203sp1.aarch64.rpm",
        "wget-debugsource-1.21.2-6.oe2203sp1.aarch64.rpm",
        "wget-help-1.21.2-6.oe2203sp1.aarch64.rpm"
    ],
    "x86_64": [
        "wget-1.21.2-6.oe2203sp1.x86_64.rpm",
        "wget-debuginfo-1.21.2-6.oe2203sp1.x86_64.rpm",
        "wget-debugsource-1.21.2-6.oe2203sp1.x86_64.rpm",
        "wget-help-1.21.2-6.oe2203sp1.x86_64.rpm"
    ]
}

openEuler:22.03-LTS-SP3

wget

Package

Name
wget
Purl
pkg:rpm/openEuler/wget&distro=openEuler-22.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.21.2-6.oe2203sp3

Ecosystem specific 

{
    "src": [
        "wget-1.21.2-6.oe2203sp3.src.rpm"
    ],
    "aarch64": [
        "wget-1.21.2-6.oe2203sp3.aarch64.rpm",
        "wget-debuginfo-1.21.2-6.oe2203sp3.aarch64.rpm",
        "wget-debugsource-1.21.2-6.oe2203sp3.aarch64.rpm",
        "wget-help-1.21.2-6.oe2203sp3.aarch64.rpm"
    ],
    "x86_64": [
        "wget-1.21.2-6.oe2203sp3.x86_64.rpm",
        "wget-debuginfo-1.21.2-6.oe2203sp3.x86_64.rpm",
        "wget-debugsource-1.21.2-6.oe2203sp3.x86_64.rpm",
        "wget-help-1.21.2-6.oe2203sp3.x86_64.rpm"
    ]
}

openEuler:22.03-LTS-SP4

wget

Package

Name
wget
Purl
pkg:rpm/openEuler/wget&distro=openEuler-22.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.21.2-6.oe2203sp4

Ecosystem specific 

{
    "src": [
        "wget-1.21.2-6.oe2203sp4.src.rpm"
    ],
    "aarch64": [
        "wget-1.21.2-6.oe2203sp4.aarch64.rpm",
        "wget-debuginfo-1.21.2-6.oe2203sp4.aarch64.rpm",
        "wget-debugsource-1.21.2-6.oe2203sp4.aarch64.rpm",
        "wget-help-1.21.2-6.oe2203sp4.aarch64.rpm"
    ],
    "x86_64": [
        "wget-1.21.2-6.oe2203sp4.x86_64.rpm",
        "wget-debuginfo-1.21.2-6.oe2203sp4.x86_64.rpm",
        "wget-debugsource-1.21.2-6.oe2203sp4.x86_64.rpm",
        "wget-help-1.21.2-6.oe2203sp4.x86_64.rpm"
    ]
}

openEuler:24.03-LTS

wget

Package

Name
wget
Purl
pkg:rpm/openEuler/wget&distro=openEuler-24.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.21.4-3.oe2403

Ecosystem specific 

{
    "src": [
        "wget-1.21.4-3.oe2403.src.rpm"
    ],
    "aarch64": [
        "wget-1.21.4-3.oe2403.aarch64.rpm",
        "wget-debuginfo-1.21.4-3.oe2403.aarch64.rpm",
        "wget-debugsource-1.21.4-3.oe2403.aarch64.rpm",
        "wget-help-1.21.4-3.oe2403.aarch64.rpm"
    ],
    "x86_64": [
        "wget-1.21.4-3.oe2403.x86_64.rpm",
        "wget-debuginfo-1.21.4-3.oe2403.x86_64.rpm",
        "wget-debugsource-1.21.4-3.oe2403.x86_64.rpm",
        "wget-help-1.21.4-3.oe2403.x86_64.rpm"
    ]
}