2 matches found
CVE-2026-45575
epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects uripukidpenc and...
com.oviva.telematik:epa4all-rest-service (>=0.0.4 <=1.2.1) potentially affected by CVE-2026-45575 via com.oviva.telematik:epa4all-client (>=0.0.4 <=1.2.1)
com.oviva.telematik:epa4all-client MAVEN version =0.0.4, =0.0.4, =1.2.1 Source cves: CVE-2026-45575 Source advisory: OSV:GHSA-GQX7-6552-67HF...