Lucene search
K

16 matches found

OSV
OSV
added 4 days ago11 views

ROOT-APP-MAVEN-CVE-2026-34359 CVE-2026-34359 in io.root.ca.uhn.hapi.fhir:org.hl7.fhir.utilities - Patched by Root

Root has patched CVE-2026-34359 in the io.root.ca.uhn.hapi.fhir:org.hl7.fhir.utilities package for Root:Maven. Multiple fixed versions available...

9.1CVSS5.8AI score0.00158EPSS
Exploits1
OSV
OSV
added 4 days ago7 views

ROOT-APP-MAVEN-CVE-2026-55471 CVE-2026-55471 in io.root.ca.uhn.hapi.fhir:org.hl7.fhir.utilities - Patched by Root

Root has patched CVE-2026-55471 in the io.root.ca.uhn.hapi.fhir:org.hl7.fhir.utilities package for Root:Maven. Multiple fixed versions available...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 8:23 p.m.8 views

au.csiro.pathling:encoders (>=6.2.2 <=9.6.0), au.csiro.pathling:fhir-server (>=6.2.2 <=7.2.0) +246 more potentially affected by CVE-2026-45367 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=6.0.0 <=6.9.6)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =6.0.0, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =8.10.0 and more Source cves: CVE-2026-45367 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-16757891...

5.4AI score0.00086EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/30 5:24 p.m.7 views

ca.uhn.hapi.fhir:org.hl7.fhir.convertors (>=6.8.0 <=6.9.3), ca.uhn.hapi.fhir:org.hl7.fhir.dstu2 (>=6.8.0 <=6.9.3) +12 more potentially affected by CVE-2026-34359 +1 more via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=6.8.0 <=6.9.3)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =6.8.0, =6.8.0, =6.8.0, =6.8.0, =6.8.0, =6.8.0, =6.8.0, =6.8.0, =6.8.0, =6.8.0, =4.0.19, =4.14.6, =2.1.0, =2.1.0, =2.1.0, =2.2.3 Source cves: CVE-2026-34359, CVE-2026-34361 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-15855298...

9.3CVSS5.8AI score0.00299EPSS
Exploits2
Snyk
Snyk
added 2026/03/30 5:24 p.m.8 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials through and exposed /loadIG endpoint in ca.uhn.hapi.fhir:org.hl7.fhir.validation. An attacker can obtain authentication credentials for external FHIR servers by submitting a crafted URL that exploits...

9.3CVSS5.9AI score0.00299EPSS
Exploits2References2
vulnersOsv
vulnersOsv
added 2026/03/30 5:21 p.m.9 views

au.csiro.pathling:encoders (>=6.2.2 <=9.5.0), au.csiro.pathling:fhir-server (>=6.2.2 <=7.2.0) +244 more potentially affected by CVE-2026-34360 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=6.0.0 <=6.9.3)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =6.0.0, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =8.8.1 and more Source cves: CVE-2026-34360 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-15855324...

5.8CVSS5.4AI score0.00235EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/30 5:19 p.m.12 views

au.csiro.pathling:encoders (>=8.0.0 <=9.5.0), au.csiro.pathling:fhirpath (>=8.0.0 <=9.5.0) +164 more potentially affected by CVE-2026-34359 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=6.4.1 <=6.9.3)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =6.4.1, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.8.1 and more Source cves: CVE-2026-34359 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-15855257...

9.1CVSS5.4AI score0.00158EPSS
Exploits1
Snyk
Snyk
added 2026/03/30 5:19 p.m.8 views

Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error in the ManagedWebAccessUtils.getServer function. An attacker can obtain authentication credentials by leveraging improper URL prefix matching during HTTP redirects, causing sensitive headers such as Bearer tokens...

9.1CVSS5.9AI score0.00158EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/03/30 5:19 p.m.9 views

au.csiro.pathling:encoders (>=5.1.0 <=9.5.0), au.csiro.pathling:fhir-server (>=5.3.1 <=7.2.0) +352 more potentially affected by CVE-2026-34359 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=6.9.3)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =5.1.0, =5.3.1, =6.2.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =5.6.5, =5.6.5, =3.4.0, =5.6.5, =4.1.0, =4.0.3, =8.8.1 and more Source cves: CVE-2026-34359 Source advisory: OSV:GHSA-FGV2-4Q4G-WC35...

9.1CVSS5.4AI score0.00158EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/18 8:7 p.m.9 views

au.csiro.pathling:encoders (>=6.2.2 <=9.5.0), au.csiro.pathling:fhir-server (>=6.2.2 <=7.2.0) +244 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=6.0.0 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =6.0.0, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =8.8.1 and more Source cves: CVE-2026-33180 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-15690826...

8.2CVSS5.4AI score0.00264EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/11/08 6:49 p.m.8 views

au.csiro.pathling:encoders (>=5.1.0 <=7.1.0), au.csiro.pathling:fhir-server (>=5.3.1 <=7.1.0) +315 more potentially affected by CVE-2024-52007 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=6.3.9)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =5.1.0, =5.3.1, =6.2.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =5.6.5, =5.6.5, =3.4.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =7.4.5 and more Source cves: CVE-2024-52007 Source advisory: OSV:GHSA-GR3C-Q7XF-47VH...

8.6CVSS7.2AI score0.00918EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/11/05 6:32 p.m.9 views

au.csiro.pathling:encoders (>=5.1.0 <=7.1.0), au.csiro.pathling:fhir-server (>=5.3.1 <=7.1.0) +315 more potentially affected by CVE-2024-51132 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=6.3.9)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =5.1.0, =5.3.1, =6.2.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =5.6.5, =5.6.5, =3.4.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =7.4.5 and more Source cves: CVE-2024-51132 Source advisory: OSV:GHSA-4CF2-CXP3-RJR7...

9.8CVSS7.2AI score0.01851EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/12/04 11:13 p.m.8 views

ca.uhn.hapi.fhir:hapi-fhir-docs (>=7.6.0 <=7.6.1), ca.uhn.hapi.fhir:hapi-fhir-jpaserver-elastic-test-utilities (>=7.6.0 <=7.6.1) +77 more potentially affected by CVE-2023-49093 via org.htmlunit:htmlunit (>=3.0.0 <=3.8.0)

org.htmlunit:htmlunit MAVEN version =3.0.0, =7.6.0, =7.6.0, =7.6.0, =7.6.0, =7.6.0, =7.6.0, =1.1.17, =1.1.17, =1.1.17, =1.0.69, =1.0.71, =1.6.0, =1.6.2 - com.nordstrom.ui-tools:selenium-foundation =28.0.1-s4 - com.outr:robobrowser2.13 =1.6.0 and more Source cves: CVE-2023-49093 Source advisory:...

9.8CVSS7.1AI score0.02378EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/03/10 10:15 p.m.4 views

bio.ferlab:fhavro (>=0.0.9 <=0.0.10), ca.uhn.hapi.fhir:hapi-fhir-base-test-jaxrsserver-kotlin (=5.6.5) +173 more potentially affected by CVE-2023-24057 +1 more via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=5.6.105)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =0.0.9, =4.0.0, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =4.0.0, =5.6.0, =5.0.0, =4.0.0, =5.3.0, =5.6.5 and more Source cves: CVE-2023-24057, CVE-2023-28465 Source advisory: OSV:GHSA-9654-PR4F-GH6M...

8.1CVSS7.1AI score0.013EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/01/23 10:5 p.m.5 views

au.csiro.pathling:encoders (>=5.1.0 <=6.1.4), au.csiro.pathling:fhir-server (>=5.3.1 <=6.1.4) +224 more potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=5.6.91)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =5.1.0, =5.3.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =5.6.5, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.2.1 and more Source cves: CVE-2023-24057 Source advisory: OSV:GHSA-JQH6-9574-5X22...

8.1CVSS7.1AI score0.01166EPSS
Exploits1
Veracode
Veracode
added 2020/11/04 1:47 a.m.11 views

XML External Entity (XXE)

hapi-fhir-utilities is vulnerable to XML external entities XXE. An attacker is able to provide malicious XML input containing a reference to an external entity and retrieve system files. The vulnerability exists as the library does not disable external DTDs and doctype declarations by default...

2.9AI score
Exploits0
Rows per page
Query Builder