How many CVEs does owasp defectdojo have?

owasp defectdojo has 2 published CVE records since 2024.

How many owasp defectdojo CVEs are in CISA KEV?

None of owasp defectdojo's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for owasp defectdojo vulnerabilities?

Yes — 1 of owasp defectdojo's CVEs have a known public exploit.

Which versions of owasp defectdojo are affected?

10 distinct owasp defectdojo versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in owasp defectdojo CVEs?

owasp defectdojo's CVEs most often map to these CWE weakness types: CWE-269 (Improper Privilege Management), CWE-404 (Improper Resource Shutdown or Release).

What is the average severity of owasp defectdojo CVEs?

The average CVSS base score across owasp defectdojo's scored CVEs is 7.0.

owasp defectdojo Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of owasp defectdojo's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High1

Medium1

Low0

In CISA’s Known Exploited Vulnerabilities catalog

None of owasp defectdojo's CVEs are currently listed in CISA's KEV catalog.

Public exploits

One of owasp defectdojo's CVEs has a known public exploit available.

Affected versions and CVEs

Browse every owasp defectdojo version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

2.55.01 CVE
2.55.11 CVE
2.55.21 CVE
2.55.31 CVE
2.55.41 CVE

Version ranges

< 1.5.3.11 CVE
< 2.56.01 CVE
>= 2.56.01 CVE

Fixed in

1.5.3.11 CVE
2.56.01 CVE

Find a version

2 CVEs

Sort

OWASP DefectDojo SonarQubeParser/MSDefenderParser parser.py input_zip.read denial of service
CVE-2026-3816
Public exploit
Patch
CWE-404
Medium · CVSS 5.3
EPSS 0.0% (9th pct)2026-03-09
High vulnerability · 2024-08-12
CVE-2023-48171
Patch
CWE-269
High · CVSS 8.8
EPSS 1.1% (79th pct)2024-08-12

Severity and exploitation

Affected versions and CVEs

Specific versions

Version ranges

Fixed in

owasp defectdojo Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Specific versions

Version ranges

Fixed in

Common weakness types

Disclosure activity by year

Other owasp products

Frequently asked questions

How many CVEs does owasp defectdojo have?

How many owasp defectdojo CVEs are in CISA KEV?

Are there public exploits for owasp defectdojo vulnerabilities?

Which versions of owasp defectdojo are affected?

What are the most common weakness types in owasp defectdojo CVEs?

What is the average severity of owasp defectdojo CVEs?

References

Track owasp defectdojo vulnerabilities