Bachir Bendrissou

**Name of the Vulnerable Software and Affected Versions** GNU Wget versions 1.24.5 and earlier **Description** The issue is related to the userinfo URI component manager in GNU Wget, where data intended for the userinfo subcomponent is misinterpreted as part of the host subcomponent due to insecure behavior when handling semicolons. This could allow a remote attacker to impact the confidentiality and integrity of protected information. **Recommendations** For GNU Wget versions 1.24.5 and earlier, consider updating to a version later than 1.24.5 to resolve the issue. As a temporary workaround, avoid using semicolons in the userinfo subcomponent of a URI until a patch is available. Restrict access to sensitive information that could be impacted by this issue until the update is applied.