6 matches found
PT-2026-24055
A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function input zip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The explo...
CVE-2023-48171
An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...
CVE-2023-48171
An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...
CVE-2023-48171
An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...
CVE-2023-48171
CVE-2023-48171 affects OWASP DefectDojo before v1.5.3.1. The issue, described consistently across NVD/OSV/CVE feeds, is a privilege-escalation in the user permissions component that could allow a remote attacker to gain HIGH impact. The only remediation documented is to upgrade to DefectDojo v1.5...
CVE-2023-48171
An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component...