VYPR

Defectdojo

by Trustwave

Source repositories

CVEs (3)

  • CVE-2026-7510MedApr 30, 2026
    risk 0.34cvss 6.3epss 0.00

    A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. The…

  • CVE-2026-3816MedMar 9, 2026
    risk 0.28cvss 4.3epss 0.01

    A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function input_zip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated…

  • CVE-2023-48171Aug 12, 2024
    risk 0.00cvss epss 0.01

    An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component.