Homepage

python-libnmap@0.5.1 vulnerabilities

Python NMAP library enabling you to start async nmap tasks, parse and compare/diff scan results

  • latest version

    0.7.3

  • latest non vulnerable version

    0.7.3

  • first published

    11 years ago

  • latest version published

    2 years ago

  • licenses detected

  • View python-libnmap package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the python-libnmap package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Remote Code Execution (RCE)

    python-libnmap is a Python NMAP library that enabling you to start async nmap tasks, parse and compare/diff scan results.

    Affected versions of this package are vulnerable to Remote Code Execution (RCE) when the client application fails to validate the user input in the final nmap command line being executed on the underlying Opearting System. This can lead to the upload and execution of a custom LUA script using the Nmap Scripting Language (NSE).

    How to fix Remote Code Execution (RCE)?

    Upgrade python-libnmap to version 0.7.3 or higher.

    [,0.7.3)
    • H
    XML External Entity (XXE) Injection

    python-libnmap is a Python NMAP library that enabling you to start async nmap tasks, parse and compare/diff scan results.

    Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. Is vulnerable to XML Bomb attacks using the "Billion Laughs" XXE bomb attack.

    How to fix XML External Entity (XXE) Injection?

    Upgrade python-libnmap to version 0.7.2 or higher.

    [0,0.7.2)
    Go back to all versions of this package