VulnerableCode Package Details - pkg:pypi/python-libnmap@0.6.3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/python-libnmap@0.6.3

Essentials
History (2)

purl	pkg:pypi/python-libnmap@0.6.3

Next non-vulnerable version	0.7.3
Latest non-vulnerable version	0.7.3
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-u1n5-hfbx-wuhs Aliases: CVE-2022-30284 GHSA-qwqv-j7jr-4hp6 PYSEC-2022-42999	DISPUTED In the python-libnmap package through 0.7.2 for Python, remote command execution can occur (if used in a client application that does not validate arguments). NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived over an untrusted network, and thus the CVSS score corresponds to an unrealistic use case. None of the NmapProcess documentation implies that this is an expected use case.	0.7.3 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-3d32-3wzk-7fcp	libnmap < v0.6.3 is affected by: XML Injection. The impact is: Denial of service (DoS) by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload.	CVE-2019-1010017 GHSA-9ccv-p7fg-m73x PYSEC-2019-218

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:17:20.070503+00:00	Pypa Importer	Affected by	VCID-u1n5-hfbx-wuhs	https://github.com/pypa/advisory-database/blob/main/vulns/python-libnmap/PYSEC-2022-42999.yaml	38.6.0
2026-06-02T04:05:43.485497+00:00	Pypa Importer	Fixing	VCID-3d32-3wzk-7fcp	https://github.com/pypa/advisory-database/blob/main/vulns/python-libnmap/PYSEC-2019-218.yaml	38.6.0