VDB
GCVE-110-MAGEIA-2018-196
GCVE-110-MAGEIA-2018-196
Advisory Published
Nmap developer nnposter found a security flaw (directory traversal
vulnerability) in the way the non-default http-fetch script sanitized
URLs. If a user manualy ran this NSE script against a malicious web
server, the server could potentially (depending on NSE arguments used)
cause files to be saved outside the intended destination directory.
Existing files couldn't be overwritten. We fixed http-fetch, audited
our other scripts to ensure they didn't make this mistake, and updated
the httpspider library API to protect against this by default.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | nmap | 0 (affected), 7.40-1.1.mga6 (unaffected) | — |
Browse GCVE Records
73,442 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.