| 标题 | OWASP DefectDojo <= 2.55.4 Denial of Service |
|---|
| 描述 | Multiple components within DefectDojo, specifically SonarQubeParser and MSDefenderParser, are vulnerable to a Zip Bomb (Denial of Service) attack. These parsers employ an unsafe file reading pattern (input_zip.read(name)) when processing user-uploaded ZIP archives. This method indiscriminately loads the entire uncompressed content of files into the server's memory without validating the size or compression ratio. An authenticated attacker who has the permission to upload findings can exploit this by uploading a small, highly compressed ZIP file (e.g., ~5MB) that expands to a massive size (e.g., 5GB or more) upon extraction. This triggers an Out-Of-Memory (OOM) condition, causing the application process to crash and leading to a Denial of Service.
Fixation PR: https://github.com/DefectDojo/django-DefectDojo/pull/14408 |
|---|
| 来源 | ⚠️ https://github.com/henrrrychau/cve-bug-bounty/blob/main/dfdj_zip_bomb_dos_oom/dfdj_zip_bomb_dos_oom.md |
|---|
| 用户 | h3nrrrych4u (UID 95805) |
|---|
| 提交 | 2026-02-28 07時34分 (2 月前) |
|---|
| 管理 | 2026-03-08 18時23分 (8 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 349782 [OWASP DefectDojo 直到 2.55.4 SonarQubeParser/MSDefenderParser parser.py input_zip.read 拒绝服务] |
|---|
| 积分 | 20 |
|---|