A possible vulnerability was found in wget. The vulnerability surfaces when wget is used to download a single file with recursive option (-r / -m) and an access list ( -A ), wget only applies the list at the end of the download process.
Although the file get successfully deleted in the end, this creates a race condition situation as an attacker who has control over the URL, could slow down the download process so that he had a chance to make use of the malicious file before it gets deleted.
Public via http://www.openwall.com/lists/oss-security/2016/08/12/2
Red Hat Product Security determined that this flaw was not a security vulnerability. See the Bugzilla link for more details.