CVE-2019-5953

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.

References

http://jvn.jp/en/jp/JVN25261088/index.html

https://access.redhat.com/errata/RHSA-2019:2979

https://access.redhat.com/errata/RHSA-2019:3168

https://security.gentoo.org/glsa/201908-19

https://support.f5.com/csp/article/K14560101

https://www.gnu.org/software/wget/

Details

Source: MITRE

Published: 2019-05-17

Updated: 2020-08-24

Type: CWE-787

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:* versions up to 1.20.1 (inclusive)

Tenable Plugins

View all (32 total)

IDNameProductFamilySeverity
145660CentOS 8 : wget (CESA-2019:0983)NessusCentOS Local Security Checks
critical
144234Virtuozzo 7 : wget (VZLSA-2019-1228)NessusVirtuozzo Local Security Checks
critical
130154RHEL 7 : wget (RHSA-2019:3168)NessusRed Hat Local Security Checks
critical
129741RHEL 7 : wget (RHSA-2019:2979)NessusRed Hat Local Security Checks
critical
129216EulerOS 2.0 SP3 : wget (EulerOS-SA-2019-2023)NessusHuawei Local Security Checks
critical
127968GLSA-201908-19 : GNU Wget: Arbitrary code executionNessusGentoo Local Security Checks
critical
127572Oracle Linux 8 : wget (ELSA-2019-0983)NessusOracle Linux Local Security Checks
critical
127295NewStart CGSL CORE 5.05 / MAIN 5.05 : wget Vulnerability (NS-SA-2019-0082)NessusNewStart CGSL Local Security Checks
critical
127290NewStart CGSL CORE 5.04 / MAIN 5.04 : wget Vulnerability (NS-SA-2019-0079)NessusNewStart CGSL Local Security Checks
critical
127002EulerOS 2.0 SP8 : wget (EulerOS-SA-2019-1765)NessusHuawei Local Security Checks
critical
126863EulerOS 2.0 SP2 : wget (EulerOS-SA-2019-1736)NessusHuawei Local Security Checks
critical
126549EulerOS Virtualization for ARM 64 3.0.2.0 : wget (EulerOS-SA-2019-1707)NessusHuawei Local Security Checks
critical
126432EulerOS 2.0 SP5 : wget (EulerOS-SA-2019-1691)NessusHuawei Local Security Checks
critical
126204Photon OS 1.0: Wget PHSA-2019-1.0-0237NessusPhotonOS Local Security Checks
high
125899Amazon Linux 2 : wget (ALAS-2019-1227)NessusAmazon Linux Local Security Checks
critical
125315CentOS 7 : wget (CESA-2019:1228)NessusCentOS Local Security Checks
critical
125190Oracle Linux 7 : wget (ELSA-2019-1228)NessusOracle Linux Local Security Checks
critical
125129Scientific Linux Security Update : wget on SL7.x x86_64 (20190514)NessusScientific Linux Local Security Checks
critical
125054RHEL 7 : wget (RHSA-2019:1228)NessusRed Hat Local Security Checks
critical
124669RHEL 8 : wget (RHSA-2019:0983)NessusRed Hat Local Security Checks
critical
124498Fedora 30 : wget (2019-66142859a3)NessusFedora Local Security Checks
critical
124355openSUSE Security Update : wget (openSUSE-2019-1281)NessusSuSE Local Security Checks
critical
124218Debian DLA-1760-1 : wget security updateNessusDebian Local Security Checks
critical
124200Amazon Linux AMI : wget (ALAS-2019-1194)NessusAmazon Linux Local Security Checks
critical
124187openSUSE Security Update : wget (openSUSE-2019-1236)NessusSuSE Local Security Checks
critical
124111SUSE SLED12 / SLES12 Security Update : wget (SUSE-SU-2019:0956-1)NessusSuSE Local Security Checks
critical
123994SUSE SLED15 / SLES15 Security Update : wget (SUSE-SU-2019:0925-1)NessusSuSE Local Security Checks
critical
123973Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : wget vulnerabilities (USN-3943-1)NessusUbuntu Local Security Checks
critical
123840Fedora 28 : wget (2019-9f891cd83a)NessusFedora Local Security Checks
critical
123811Slackware 14.2 / current : wget (SSA:2019-095-02)NessusSlackware Local Security Checks
critical
123804Fedora 29 : wget (2019-7a0497cbc2)NessusFedora Local Security Checks
critical
123799Debian DSA-4425-1 : wget - security updateNessusDebian Local Security Checks
critical