{"url":"http://public2.vulnerablecode.io/api/packages/13623?format=json","purl":"pkg:pypi/python-libnmap@0.2.8","type":"pypi","namespace":"","name":"python-libnmap","version":"0.2.8","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.7.3","latest_non_vulnerable_version":"0.7.3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35376?format=json","vulnerability_id":"VCID-3d32-3wzk-7fcp","summary":"libnmap < v0.6.3 is affected by: XML Injection. The impact is: Denial of service (DoS) by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1010017","reference_id":"","reference_type":"","scores":[{"value":"0.00558","scoring_system":"epss","scoring_elements":"0.6857","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1010017"},{"reference_url":"https://github.com/advisories/GHSA-9ccv-p7fg-m73x","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9ccv-p7fg-m73x"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/python-libnmap/PYSEC-2019-218.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/python-libnmap/PYSEC-2019-218.yaml"},{"reference_url":"https://github.com/savon-noir/python-libnmap","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/savon-noir/python-libnmap"},{"reference_url":"https://github.com/savon-noir/python-libnmap/commit/71b707758851e4b622f87d9a73266e06f60aeab4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/savon-noir/python-libnmap/commit/71b707758851e4b622f87d9a73266e06f60aeab4"},{"reference_url":"https://github.com/savon-noir/python-libnmap/issues/87","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/savon-noir/python-libnmap/issues/87"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1010017","reference_id":"CVE-2019-1010017","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1010017"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13631?format=json","purl":"pkg:pypi/python-libnmap@0.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3d32-3wzk-7fcp"},{"vulnerability":"VCID-u1n5-hfbx-wuhs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/python-libnmap@0.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/27712?format=json","purl":"pkg:pypi/python-libnmap@0.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u1n5-hfbx-wuhs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/python-libnmap@0.7.2"}],"aliases":["CVE-2019-1010017","GHSA-9ccv-p7fg-m73x","PYSEC-2019-218"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3d32-3wzk-7fcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36086?format=json","vulnerability_id":"VCID-u1n5-hfbx-wuhs","summary":"** DISPUTED ** In the python-libnmap package through 0.7.2 for Python, remote command execution can occur (if used in a client application that does not validate arguments). NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived over an untrusted network, and thus the CVSS score corresponds to an unrealistic use case. None of the NmapProcess documentation implies that this is an expected use case.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30284","reference_id":"","reference_type":"","scores":[{"value":"0.14208","scoring_system":"epss","scoring_elements":"0.94515","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30284"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/python-libnmap/PYSEC-2022-42999.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/python-libnmap/PYSEC-2022-42999.yaml"},{"reference_url":"https://github.com/savon-noir/python-libnmap","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/savon-noir/python-libnmap"},{"reference_url":"https://github.com/savon-noir/python-libnmap/commit/c36fecde90017befeb4853396d0e2aac93c95b64","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/savon-noir/python-libnmap/commit/c36fecde90017befeb4853396d0e2aac93c95b64"},{"reference_url":"https://github.com/savon-noir/python-libnmap/releases","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/savon-noir/python-libnmap/releases"},{"reference_url":"https://github.com/savon-noir/python-libnmap/releases/tag/v0.7.3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/savon-noir/python-libnmap/releases/tag/v0.7.3"},{"reference_url":"https://libnmap.readthedocs.io/en/latest/process.html#using-libnmap-process","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://libnmap.readthedocs.io/en/latest/process.html#using-libnmap-process"},{"reference_url":"https://pypi.org/project/python-libnmap","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/python-libnmap"},{"reference_url":"https://pypi.org/project/python-libnmap/","reference_id":"","reference_type":"","scores":[],"url":"https://pypi.org/project/python-libnmap/"},{"reference_url":"https://www.swascan.com/security-advisory-libnmap-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.swascan.com/security-advisory-libnmap-2"},{"reference_url":"https://www.swascan.com/security-advisory-libnmap-2/","reference_id":"","reference_type":"","scores":[],"url":"https://www.swascan.com/security-advisory-libnmap-2/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30284","reference_id":"CVE-2022-30284","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-30284"},{"reference_url":"https://github.com/advisories/GHSA-qwqv-j7jr-4hp6","reference_id":"GHSA-qwqv-j7jr-4hp6","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qwqv-j7jr-4hp6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27713?format=json","purl":"pkg:pypi/python-libnmap@0.7.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/python-libnmap@0.7.3"}],"aliases":["CVE-2022-30284","GHSA-qwqv-j7jr-4hp6","PYSEC-2022-42999"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1n5-hfbx-wuhs"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/python-libnmap@0.2.8"}