Lucene search
MitreCVELIST:CVE-2023-28465HistoryDec 12, 2023 - 12:00 a.m.
CVE-2023-28465
2023-12-1200:00:00
mitre
www.cve.org
2
hl7 fhir core libraries
package decompression
directory traversal
The package-decompression feature in HL7 (Health Level 7) FHIR Core Libraries before 5.6.106 allows attackers to copy arbitrary files to certain directories via directory traversal, if an allowed directory name is a substring of the directory name chosen by the attacker. NOTE: this issue exists because of an incomplete fix for CVE-2023-24057.
Related
nvd
nvd
CVE-2023-28465
2023-12-12 17:15:07
CVE-2023-24057
2023-01-26 21:18:15
cve
cve
CVE-2023-28465
2023-12-12 17:15:07
CVE-2023-24057
2023-01-26 21:18:15
veracode
veracode
Path Traversal
2023-03-19 07:29:59
Man-in-the-Middle (MitM)
2023-01-26 02:11:57
prion
prion
Directory traversal
2023-12-12 17:15:00
Directory traversal
2023-01-26 21:18:00
osv
osv
CVE-2023-28465
2023-12-12 17:15:07
HL7 FHIR Partial Path Zip Slip due to bypass of CVE-2023-24057
2023-03-10 22:15:55
CVE-2023-24057
2023-01-26 21:18:15
github
github
HL7 FHIR Partial Path Zip Slip due to bypass of CVE-2023-24057
2023-03-10 22:15:55
MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core`
2023-01-23 22:05:28
gitlab
gitlab
Relative Path Traversal
2023-01-23 00:00:00
cvelist
cvelist
CVE-2023-24057
2023-01-24 00:00:00