Hapifhir Security Vulnerabilities

CVE-2023-28465

The package-decompression feature in HL7 (Health Level 7) FHIR Core Libraries before 5.6.106 allows attackers to copy arbitrary files to certain directories via directory traversal, if an allowed directory name is a substring of the directory name chosen by the attacker. NOTE: this issue exists...

CVSS: 7.5, AI Score: 7.7, EPSS: 0.002

2023-12-12 05:15 PM

CVE-2023-24057

HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison...

CVSS: 8.1, AI Score: 7.5, EPSS: 0.002

2023-01-26 09:18 PM

CVE-2020-24301

Users of the HAPI FHIR Testpage Overlay 5.0.0 and below can use a specially crafted URL to exploit an XSS vulnerability in this module, allowing arbitrary JavaScript to be executed in the user's browser. The impact of this vulnerability is believed to be low, as this module is intended for testing....

CVSS: 6.1, AI Score: 6, EPSS: 0.001

2020-10-08 02:15 PM