{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2018-25282", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-26T13:02:34.328Z", "datePublished": "2026-04-26T13:19:14.211Z", "dateUpdated": "2026-04-27T14:04:40.659Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-26T13:19:14.211Z"}, "datePublic": "2018-09-10T00:00:00.000Z", "title": "Nmap 7.70 Denial of Service via XML Entity Expansion", "descriptions": [{"lang": "en", "value": "Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import functionality to cause the program to consume excessive system resources and crash."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Uncontrolled Recursion", "cweId": "CWE-674", "type": "CWE"}]}], "affected": [{"vendor": "ZenMap", "product": "ZenMap", "versions": [{"version": "7.70", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/45357", "name": "ExploitDB-45357", "tags": ["exploit"]}, {"url": "https://nmap.org/dist/nmap-7.70-setup.exe", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: Nmap 7.70 Denial of Service via XML Entity Expansion", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/nmap-denial-of-service-via-xml-entity-expansion"}], "credits": [{"lang": "en", "value": "Gionathan \"John\" Reale", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T14:04:28.643420Z", "id": "CVE-2018-25282", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T14:04:40.659Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Nmap 7.70 Denial of Service via XML Entity Expansion", "credits": [{"lang": "en", "type": "finder", "value": "Gionathan \"John\" Reale"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "ZenMap", "product": "ZenMap", "versions": [{"status": "affected", "version": "7.70"}]}], "datePublic": "2018-09-10T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/45357", "name": "ExploitDB-45357", "tags": ["exploit"]}, {"url": "https://nmap.org/dist/nmap-7.70-setup.exe", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/nmap-denial-of-service-via-xml-entity-expansion", "name": "VulnCheck Advisory: Nmap 7.70 Denial of Service via XML Entity Expansion", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import functionality to cause the program to consume excessive system resources and crash."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-674", "description": "Uncontrolled Recursion"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-26T13:19:14.211Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-25282", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-27T14:04:28.643420Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-04-27T14:04:36.142Z"}}]}, "cveMetadata": {"cveId": "CVE-2018-25282", "state": "PUBLISHED", "dateUpdated": "2026-04-26T13:19:14.211Z", "dateReserved": "2026-04-26T13:02:34.328Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-26T13:19:14.211Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import functionality to cause the program to consume excessive system resources and crash."}], "id": "CVE-2018-25282", "lastModified": "2026-04-27T18:55:32.883", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-26T22:17:28.993", "references": [{"source": "disclosure@vulncheck.com", "url": "https://nmap.org/dist/nmap-7.70-setup.exe"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/45357"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/nmap-denial-of-service-via-xml-entity-expansion"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-674"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{"bugzilla": {"description": "nmap: zenmap: Nmap/ZenMap: Denial of Service via XML entity expansion", "id": "2461936", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461936"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-776", "details": ["Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import functionality to cause the program to consume excessive system resources and crash.", "A flaw was found in Nmap and ZenMap. A local attacker could exploit this vulnerability by crafting a malicious XML file with nested entity definitions. When this file is opened through ZenMap's scan import functionality, it causes the program to consume excessive system resources, leading to a denial of service (DoS) by crashing the application."], "name": "CVE-2018-25282", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "nmap", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "nmap", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "nmap", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "nmap", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "nmap", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2026-04-26T13:19:14Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-25282\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-25282\nhttps://nmap.org/dist/nmap-7.70-setup.exe\nhttps://www.exploit-db.com/exploits/45357\nhttps://www.vulncheck.com/advisories/nmap-denial-of-service-via-xml-entity-expansion"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.70"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "zenmap", "vendor": "zenmap"}], "analysis": {"en": {"generated_at": "2026-04-28T19:56:18.983763+00:00", "value": {"mitigation_remediation": ["Install the latest Nmap/ZenMap release that addresses XML entity expansion vulnerabilities.", "Limit privileges so that only trusted users can import XML files into ZenMap.", "If an update cannot be applied immediately, monitor the application for crashes and consider disabling XML entity expansion processing in any custom parsing utilities."], "summary": {"action": "Upgrade", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "ZenMap 7.70 is affected. No other versions are listed as vulnerable.", "description_and_impact": "Nmap 7.70 includes a denial\u2011of\u2011service bug that allows local attackers to crash ZenMap by processing a specially crafted XML file with exponential entity expansion. When a user imports such a file through ZenMap\u2019s scan\u2011import function, the parser expands nested entities until system resources are exhausted, causing the application to crash. The weakness corresponds to CWE\u2011674, uncontrolled resource consumption, and CWE\u2011776.", "risk_and_exploitability": "The CVSS score of 6.9 signals moderate severity, and the EPSS < 1% indicates very low likelihood of exploitation in the field. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires a local user to create and open a malicious XML file via the ZenMap import interface; no network or privilege escalation vector is disclosed."}}}}, "created": "2026-04-27T20:20:26.146687+00:00", "updated": "2026-04-28T20:00:19.894858+00:00", "vendors": ["zenmap", "zenmap$PRODUCT$zenmap"]}