VDB

GCVE-110-MAGEIA-2018-244

GCVE-110-MAGEIA-2018-244
Advisory Published
Vulnetix · Advisory published May 16, 2018
Harry Sintonen discovered that wget does not properly handle '\r\n' from continuation lines while parsing the Set-Cookie HTTP header. A malicious web server could use this flaw to inject arbitrary cookies to the cookie jar file, adding new or replacing existing cookie values (CVE-2018-0494). The Mageia 6 package has been updated to version 1.19.5, which fixes this issue as well as other possible security issues found by fuzzing. The Mageia 5 package has been patched to fix CVE-2018-0494.

Affected Products

VendorProductVersionsPlatforms
Mageiawget1.15-5.4.mga5 (unaffected), 0 (affected)
Mageiawget0 (affected), 1.19.5-1.mga6 (unaffected)

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›