722 matches found
HAPI FHIR 信息泄露漏洞
HAPI FHIR is an open-source Java-based HL7 FHIR API developed by HAPI FHIR. Versions of HAPI FHIR prior to 6.9.0 contained a vulnerability related to information leakage. This vulnerability occurred because the internal HTTP client, when setting HTTP request headers, sent the same set of headers ...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=7.4.5) +222 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.validation (>=1.0.0 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.validation MAVEN version =1.0.0, =4.0.0, =5.6.5, =4.1.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =4.0.0, =4.0.0, =8.8.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=7.4.5) +234 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.convertors (>=0.0.1 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.convertors MAVEN version =0.0.1, =4.0.0, =5.6.5, =4.1.0, =4.0.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =4.0.0, =5.5.7 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=8.6.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-converter (>=8.6.0 <=8.8.1) +95 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.dstu3.support (>=6.6.0 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.dstu3.support MAVEN version =6.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.6.0, =8.8.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
ca.uhn.hapi.fhir:hapi-fhir-base-test-jaxrsserver-kotlin (>=5.6.5 <=6.8.0), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.3 <=8.8.1) +250 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may (>=0.0.1 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may MAVEN version =0.0.1, =5.6.5, =4.0.3, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.3, =4.0.0, =5.0.0, =4.0.3, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =8.8.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=3.4.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.7.7 <=7.4.5) +208 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.r4b (>=5.6.22 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.r4b MAVEN version =5.6.22, =3.4.0, =5.7.7, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =6.2.0, =6.8.0, =6.4.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.7, =6.8.0 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=8.4.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-converter (>=8.4.0 <=8.8.1) +108 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.model (>=6.5.25 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.model MAVEN version =6.5.25, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.4.0, =8.8.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=3.4.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=7.4.5) +261 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.r5 (>=0.0.1 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.r5 MAVEN version =0.0.1, =3.4.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =4.0.0, =5.5.7 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
ca.uhn.hapi.fhir:hapi-fhir-base-test-jaxrsserver-kotlin (>=5.6.5 <=6.8.0), ca.uhn.hapi.fhir:hapi-fhir-base-test-mindeps-client (>=5.6.5 <=7.4.5) +276 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.dstu3 (>=0.0.1 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.dstu3 MAVEN version =0.0.1, =5.6.5, =5.6.5, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =5.2.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
ca.uhn.hapi.fhir:hapi-fhir-base-test-jaxrsserver-kotlin (>=5.6.5 <=6.8.0), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=8.8.1) +258 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.dstu2 (>=0.0.1 <=6.8.2)
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2 MAVEN version =0.0.1, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =8.8.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...
GHSA-P7M9-V2CM-2H7M HAPI FHIR HTTP authentication leak in redirects
Impact When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of...
HAPI FHIR HTTP authentication leak in redirects
Impact When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...