{"id":"CVE-2021-31879","details":"GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.","modified":"2026-03-13T04:28:08.839918Z","published":"2021-04-29T05:15:08.707Z","related":["SUSE-SU-2025:0366-1","SUSE-SU-2025:0380-1","SUSE-SU-2025:0425-1"],"references":[{"type":"ADVISORY","url":"https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210618-0002/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.21.1"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-31879.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}