VDB
CVE-2021-31879
CVE-2021-31879
PUBLISHED
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
EPSS 0.15% · 35.8th percentile
Risk Scores
EPSS Score
0.15%
35.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:25.10 | wget | 1.25.0-2ubuntu1, 1.25.0-2ubuntu3, 1.25.0-2ubuntu2 |
| Ubuntu:24.04:LTS | wget | 1.21.3-1ubuntu1, 1.21.4-1ubuntu3, 1.21.4-1ubuntu1 |
| Ubuntu:22.04:LTS | wget | 1.21-1ubuntu4, 1.21-1ubuntu3, 0 |
| Ubuntu:Pro:16.04:LTS | wget | 1.17.1-1ubuntu1.3, 1.17.1-1ubuntu1.2, 1.17.1-1ubuntu1.1 |
| Ubuntu:Pro:18.04:LTS | wget | 0, 1.19.1-3ubuntu1, 1.19.1-3ubuntu1.1 |
| Ubuntu:14.04:LTS | wget | 1.14-2ubuntu1, 1.15-1ubuntu1.14.04.1, 1.15-1ubuntu1 |
| Ubuntu:20.04:LTS | wget | 0, 1.20.3-1ubuntu2.1, 1.20.3-1ubuntu2 |
Timeline
- Apr 28, 2021 CVE Published
- Apr 29, 2021 EPSS Score
- Jul 2, 2021 EPSS Score
- Sep 2, 2021 EPSS Score
- Nov 3, 2021 EPSS Score
- Jan 5, 2022 EPSS Score
- Mar 8, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 9, 2022 EPSS Score
- Jul 10, 2022 EPSS Score
- Sep 11, 2022 EPSS Score
- Nov 12, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-31879 third-party-advisory
- https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-31879 third-party-advisory