Lucene search
K

4 matches found

NVD
NVD
added 2026/03/31 5:16 p.m.15 views

CVE-2026-34361

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

9.3CVSS0.00299EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/31 4:56 p.m.1 views

CVE-2026-34361 HAPI FHIR: Unauthenticated SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

9.3CVSS5.8AI score0.00299EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/31 4:56 p.m.26 views

CVE-2026-34361 HAPI FHIR: Unauthenticated SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith...

9.3CVSS0.00299EPSS
Exploits1References1
GitLab Advisory Database
GitLab Advisory Database
added 2026/03/30 12:0 a.m.7 views

FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

The FHIR Validator HTTP service exposes an unauthenticated /loadIG endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith URL prefix matching flaw in the credential provider ManagedWebAccessUtils.getServer, an attacker can steal authentication tokens...

9.3CVSS5.9AI score0.00299EPSS
Exploits1References4
Rows per page
Query Builder