3 matches found
CVE-2022-39230
fhir-works-on-aws-authz-smart is an implementation of the authorization interface from the FHIR Works interface. Versions 3.1.1 and 3.1.2 are subject to Exposure of Sensitive Information to an Unauthorized Actor. This issue allows a client of the API to retrieve more information than the client’s...
CVE-2022-39230 Security issue in fhir-works-on-aws-authz-smart
fhir-works-on-aws-authz-smart is an implementation of the authorization interface from the FHIR Works interface. Versions 3.1.1 and 3.1.2 are subject to Exposure of Sensitive Information to an Unauthorized Actor. This issue allows a client of the API to retrieve more information than the client’s...
CVE-2022-39230
CVE-2022-39230 affects fhir-works-on-aws-authz-smart. Versions 3.1.1 and 3.1.2 are subject to Exposure of Sensitive Information to an Unauthorized Actor, allowing a client to retrieve more information than its OAuth scope permits on search-type requests. The issue originates in how authorization ...