CVE-2026-3816 | OWASP DefectDojo up to 2.55.4 SonarQubeParser/MSDefenderParser parser.py input_zip.read denial of service

Inserito da Angelo Barbosa | Mar 8, 2026 | CVE

A vulnerability was found in OWASP DefectDojo up to 2.55.4. It has been classified as problematic. This vulnerability affects the function input_zip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service.

This vulnerability is documented as CVE-2026-3816. The attack can be initiated remotely. Additionally, an exploit exists.

Upgrading the affected component is recommended.

CVE-2026-3816 | OWASP DefectDojo up to 2.55.4 SonarQubeParser/MSDefenderParser parser.py input_zip.read denial of service

Post correlati

CVE-2024-9115 | Common Tools for Site Plugin up to 1.0.2 on WordPress SVG File Upload cross site scripting

CVE-2025-0110 | Palo Alto PAN-OS OpenConfig Plugin up to 2.1.1 Management Web Interface os command injection

CVE-2025-5789 | TOTOLINK X15 1.0.0-B20230714.1105 HTTP POST Request /boafrm/formPortFw service_type buffer overflow

CVE-2024-10941 | Mozilla Firefox up to 125 iFrame denial of service