VDB

GCVE-110-MAGEIA-2014-431

GCVE-110-MAGEIA-2014-431
Advisory Published
Vulnetix · Advisory published October 28, 2014
Updated wget package fixes security vulnerability: Wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP (CVE-2014-4877). The default settings in wget have been changed such that wget no longer creates local symbolic links, but rather traverses them and retrieves the pointed-to file in such a retrieval. The old behaviour can be attained by passing the --retr-symlinks=no option to the wget command.

Affected Products

VendorProductVersionsPlatforms
Mageiawget0 (affected), 1.14-2.2.mga3 (unaffected)
Mageiawget1.14-4.2.mga4 (unaffected), 0 (affected)

Browse GCVE Records

73,393 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›