5 matches found
CVE-2021-32053
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=3.4.0 <=5.3.3), ca.uhn.hapi.fhir:hapi-fhir-cli-jpaserver (>=4.1.0 <=5.3.3) +34 more potentially affected by CVE-2021-32053 via ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base (>=0.9 <=5.3.3)
ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base MAVEN version =0.9, =3.4.0, =4.1.0, =5.3.0, =3.6.0, =5.3.0, =5.1.0, =5.3.0, =3.5.0, =4.0.0, =5.1.0, =0.9, =0.1.0-1, =0.1.0-2, =0.9, =1.10.5 - org.hspconsortium.reference:hspc-reference-api-fhir =0.9 and more Source cves: CVE-2021-32053 Source advisory:...
CVE-2021-32053
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
CVE-2021-32053
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
CVE-2021-32053
CVE-2021-32053 affects HAPI FHIR’s JPA Server prior to 5.4.0. The issue allows denial of service through history requests: a SELECT COUNT triggers a full index scan, consuming server resources and potentially disabling access to the database when many concurrent history operations occur. Connecte...