Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.8 views

CVE-2026-49120

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

8.5CVSS5.6AI score0.00229EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2731

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.00637EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/02/05 1:10 a.m.11 views

CVE-2024-46984

The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...

9.8CVSS6.8AI score0.00637EPSS
Exploits0
NVD
NVD
added 2024/09/19 11:15 p.m.48 views

CVE-2024-46984

The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...

9.8CVSS0.00637EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/09/19 10:38 p.m.13 views

CVE-2024-46984 XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator

The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...

8.6CVSS6.8AI score0.00637EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/09/19 10:38 p.m.44 views

CVE-2024-46984 XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator

The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...

8.6CVSS0.00637EPSS
Exploits0References6
CVE
CVE
added 2024/09/19 10:38 p.m.63 views

CVE-2024-46984

CVE-2024-46984 affects gematik app-referencevalidator’s referencevalidator Commons profile location routine, which is vulnerable to XML External Entities (XXE) due to insecure Woodstox WstxInputFactory defaults. A malicious XML resource can induce network requests and Server-Side Request Forgery ...

9.8CVSS8.6AI score0.00637EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/09/19 10:38 p.m.25 views

CVE-2024-46984 XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator

The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...

8.6CVSS6.7AI score0.00637EPSS
Exploits0References8
Rows per page
Query Builder