CVE-2022-30284

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-30284

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-30284.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-30284

Aliases

Withdrawn

2022-05-27T20:33:20Z

Published

2022-05-04T22:15:11Z

Modified

2025-01-14T10:57:19.265510Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur (if used in a client application that does not validate arguments). NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken from input data that arrived over an untrusted network, and thus the CVSS score corresponds to an unrealistic use case. None of the NmapProcess documentation implies that this is an expected use case

References

Affected packages

Git / github.com/savon-noir/python-libnmap

Affected ranges

Type: GIT
Repo: https://github.com/savon-noir/python-libnmap
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

d142c00b43fe4972daeb12f4aef639a0ef700ef3

Affected versions

0.*

0.5.1

v0.*

v0.2

v0.2.1

v0.2.2

v0.2.3

v0.2.4

v0.2.5

v0.2.6

v0.2.7

v0.2.8

v0.2.9

v0.4.1

v0.4.2

v0.4.5

v0.4.6

v0.6

v0.6.1

v0.6.2

v0.6.3

v0.7.2