{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "6.49-beta6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.00" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.01" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.11" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.12" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.25-beta1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.25-beta2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.30" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.31" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.40" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.50" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.60" } ] } ] } } ], "details": "nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.", "id": "CVE-2018-1000161", "modified": "2026-03-13T21:58:10.344134976Z", "published": "2018-04-18T19:29:00.503Z", "references": [ { "type": "ADVISORY", "url": "https://nmap.org/changelog.html" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ] }