Lucene search
K

5 matches found

Circl
Circl
added 2025/01/24 7:48 p.m.23 views

CVE-2024-52807

creationtimestamp| type| source ---|---|--- 2025-01-24 19:48:48+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113885058909709347 2025-01-24 20:04:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3008 2025-01-24 21:06:18+00:00| seen|...

8.6CVSS5.7AI score0.00547EPSS
Exploits0References3
NVD
NVD
added 2025/01/24 7:15 p.m.51 views

CVE-2024-52807

The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from...

8.6CVSS0.00547EPSS
Exploits0References3
CVE
CVE
added 2025/01/24 6:34 p.m.53 views

CVE-2024-52807

The CVE-2024-52807 entry affects the org.hl7.fhir.publisher package used to generate HL7 FHIR IGs. The root cause is XML External Entity (XXE) injections in XSLT transforms performed by multiple components prior to version 1.7.4, which could allow a malicious DTD tag in submitted XML to cause dat...

8.6CVSS8.6AI score0.00547EPSS
Exploits0References3
OSV
OSV
added 2025/01/24 6:34 p.m.11 views

CVE-2024-52807 XXE vulnerability in XSLT parsing in `org.hl7.fhir.publisher`

The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from...

8.6CVSS6.6AI score0.00547EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2025/01/24 6:33 p.m.6 views

org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli (>=1.1.0 <=1.2.36) potentially affected by CVE-2024-52807 via org.hl7.fhir.publisher:org.hl7.fhir.publisher.core (>=1.1.0 <=1.2.9)

org.hl7.fhir.publisher:org.hl7.fhir.publisher.core MAVEN version =1.1.0, =1.1.0, =1.2.36 Source cves: CVE-2024-52807 Source advisory: OSV:GHSA-8C3X-HQ82-GJCM...

8.6CVSS5.8AI score0.00547EPSS
Exploits0
Rows per page
Query Builder