MAL-2025-5390 Malicious code in defectdojo (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in defectdojo (npm)

The package communicates with a domain associated with malicious activity...

CVE-2023-48171

An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...

CVE-2023-48171

An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...

CVE-2023-48171

An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...

PT-2024-13552 · Owasp · Owasp Defectdojo

Name of the Vulnerable Software and Affected Versions: OWASP DefectDojo versions prior to 1.5.3.1 Description: An issue in the user permissions component allows a remote attacker to escalate privileges. Recommendations: For versions prior to 1.5.3.1, update to version 1.5.3.1 or later to resolve...

OWASP DefectDojo 安全漏洞

OWASP DefectDojo is a powerful vulnerability management platform and DevSecOps platform from the US-based OWASP Foundation. A security vulnerability exists in OWASP DefectDojo versions prior to v.1.5.3.1, which stems from a remote attacker being able to elevate privileges via the user rights...

CVE-2023-48171

CVE-2023-48171 affects OWASP DefectDojo before v1.5.3.1. The issue, described consistently across NVD/OSV/CVE feeds, is a privilege-escalation in the user permissions component that could allow a remote attacker to gain HIGH impact. The only remediation documented is to upgrade to DefectDojo v1.5...

CVE-2023-48171

An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...

CVE-2023-48171

An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...

Malicious code in @defectdojo/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7829990b125f94bdbe28de3849b4e7d744d86a16de66a4dcb9495cb48c72dbf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PeTeReport - An Open-Source Application Vulnerability Reporting Tool

PeTeReport Pe nTe st Report is an open-source application vulnerability reporting tool designed to assist pentesting/redteaming efforts, by simplifying the task of writting and generation of reports. Focused in product security, the tool help security researchers and pentesters to provide detaile...

DefectDojo - Application Vulnerability Correlation And Security Orchestration Application

DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one...