Just to add one more thing...even though Nmap itself isn't vulnerable, we'll be updating to the patched OpenSSL in the next release. We understand that nobody wants these "vulnerable" OpenSSL DLL's on their system even if they can't technically be exploited. They can still lead to alerts from vulnerability scanners, etc. Thanks @miloslav-zadrazil-solarwinds for the report, and of course @dmiller-nmap for researching the CVE's so quickly.
Describe the bug
Vulnerability scans on nmap release shows high severity issue of OpenSSL 3.0.5 version
could you, please provide me with information whether nmap is affected by those vulnerabilities ?
The text was updated successfully, but these errors were encountered: