{"id":"AZL-73904","summary":"CVE-2025-69195 affecting package wget for versions less than 2.1.0-7","details":"A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities.","modified":"2026-04-21T04:34:01.954427Z","published":"2026-01-09T08:15:58Z","upstream":["CVE-2025-69195"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-69195"}],"affected":[{"package":{"name":"wget","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/wget"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1.0-7"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-73904.json"}}],"schema_version":"1.7.5"}