691 matches found
ai.ylyue:yue-library-data-es (>=j11.2.6.0 <=j11.2.6.2), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=5.7.9) +513 more potentially affected by CVE-2023-31419 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.17.12)
org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j11.2.6.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =1.0, =1.0.4.R, =2.1.0.M8, =2.2.0.M7 and more Source cves: CVE-2023-31419 Source advisory: OSV:GHSA-QWRX-45XF-JJF7...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=5.6.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (=5.6.5) +91 more potentially affected by CVE-2023-24057 +1 more via ca.uhn.hapi.fhir:org.hl7.fhir.convertors (>=0.0.1 <=5.6.105)
ca.uhn.hapi.fhir:org.hl7.fhir.convertors MAVEN version =0.0.1, =4.0.0, =4.1.0, =4.0.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =5.1.0, =5.3.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =5.6.5 and more Source cves: CVE-2023-24057, CVE-2023-28465 Source advisory: OSV:GHSA-9654-PR4F-GH6M...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=5.6.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (=5.6.5) +127 more potentially affected by CVE-2023-24057 +1 more via ca.uhn.hapi.fhir:org.hl7.fhir.r5 (>=0.0.1 <=5.6.105)
ca.uhn.hapi.fhir:org.hl7.fhir.r5 MAVEN version =0.0.1, =4.0.0, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =5.1.0, =5.3.0, =4.0.0, =4.1.0, =4.0.0, =4.0.0, =5.4.0 and more Source cves: CVE-2023-24057, CVE-2023-28465 Source advisory: OSV:GHSA-9654-PR4F-GH6M...
bio.ferlab:fhavro (>=0.0.9 <=0.0.10), ca.uhn.hapi.fhir:hapi-fhir-base-test-jaxrsserver-kotlin (=5.6.5) +173 more potentially affected by CVE-2023-24057 +1 more via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=5.6.105)
ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =0.0.9, =4.0.0, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =4.0.0, =5.6.0, =5.0.0, =4.0.0, =5.3.0, =5.6.5 and more Source cves: CVE-2023-24057, CVE-2023-28465 Source advisory: OSV:GHSA-9654-PR4F-GH6M...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=5.6.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (=5.6.5) +92 more potentially affected by CVE-2023-24057 +1 more via ca.uhn.hapi.fhir:org.hl7.fhir.validation (>=1.0.0 <=5.6.105)
ca.uhn.hapi.fhir:org.hl7.fhir.validation MAVEN version =1.0.0, =4.0.0, =4.1.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =5.1.0, =5.3.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =5.1.0, =5.6.5 and more Source cves: CVE-2023-24057, CVE-2023-28465 Source advisory: OSV:GHSA-9654-PR4F-GH6M...
io.connectedhealth-idaas:idaas-eventbuilder (=2.3.0) potentially affected by CVE-2023-24057 +1 more via ca.uhn.hapi.fhir:org.hl7.fhir.core (=5.1.7)
ca.uhn.hapi.fhir:org.hl7.fhir.core MAVEN version =5.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on ca.uhn.hapi.fhir:org.hl7.fhir.core and may be impacted: - io.connectedhealth-idaas:idaas-eventbuilder =2.3.0 Source cves: CVE-2023-24057,...
Relative Path Traversal
Relative Path Traversal in ca.uhn.hapi.fhir:org.hl7.fhir.r5...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=6.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=6.4.0) +139 more potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.convertors (>=0.0.1 <=5.6.91)
ca.uhn.hapi.fhir:org.hl7.fhir.convertors MAVEN version =0.0.1, =4.0.0, =5.6.5, =4.1.0, =4.0.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =5.3.0, =4.0.0, =4.0.0, =6.4.0 and more Source cves: CVE-2023-24057 Source advisory: OSV:GHSA-JQH6-9574-5X22...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=6.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=6.4.0) +164 more potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.r5 (>=0.0.1 <=5.6.91)
ca.uhn.hapi.fhir:org.hl7.fhir.r5 MAVEN version =0.0.1, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =5.3.0, =4.0.0, =4.1.0, =6.4.0 and more Source cves: CVE-2023-24057 Source advisory: OSV:GHSA-JQH6-9574-5X22...
au.csiro.pathling:encoders (>=5.1.0 <=6.1.4), au.csiro.pathling:fhir-server (>=5.3.1 <=6.1.4) +224 more potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=5.6.91)
ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =5.1.0, =5.3.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =5.6.5, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.2.1 and more Source cves: CVE-2023-24057 Source advisory: OSV:GHSA-JQH6-9574-5X22...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=6.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=6.4.0) +133 more potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.validation (>=1.0.0 <=5.6.91)
ca.uhn.hapi.fhir:org.hl7.fhir.validation MAVEN version =1.0.0, =4.0.0, =5.6.5, =4.1.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =5.3.0, =4.0.0, =4.0.0, =4.0.0, =5.4.0 and more Source cves: CVE-2023-24057 Source advisory: OSV:GHSA-JQH6-9574-5X22...
io.connectedhealth-idaas:idaas-eventbuilder (=2.3.0) potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.core (=5.1.7)
ca.uhn.hapi.fhir:org.hl7.fhir.core MAVEN version =5.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on ca.uhn.hapi.fhir:org.hl7.fhir.core and may be impacted: - io.connectedhealth-idaas:idaas-eventbuilder =2.3.0 Source cves: CVE-2023-24057 Source...
Prototype Pollution
@hapi/hoek is vulnerable to prototype pollution. The function internals.clone allows an attacker to control the value of “path” and modify attributes such as __proto__, constructor and prototype...
CVE-2020-36604
A prototype pollution flaw was found in the clone function of the hapi/hoek package. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could execute arbitrary code or cause a denial of service condition on the system...
hoek security vulnerability
hoek is part of the hapi ecosystem open-sourced by hapi.js. It is designed to work seamlessly with the hapi web framework and its other components. A security vulnerability exists in hoek versions prior to 8.5.1 that stems from prototype poisoning in the clone function...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=6.0.0 <=6.1.3), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=6.0.3 <=6.1.3) +753 more potentially affected by CVE-2022-37734 via com.graphql-java:graphql-java (>=0.0.0-2021-06-27T12-22-33-cd2bab76 <=17.3)
com.graphql-java:graphql-java MAVEN version =0.0.0-2021-06-27T12-22-33-cd2bab76, =6.0.0, =6.0.3, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.3, =0.1.0, =1.0.0, =2.8.5, =1.3.0, =1.1.0, =0.6.3, =2.0.1 and more Source cves: CVE-2022-37734 Source advisory: OSV:GHSA-V62J-CXHH-FQ22...
ai.grakn:grakn-dist (>=0.7.0 <=0.16.0), ai.grakn:grakn-test (=0.10.0) +1853 more potentially affected by CVE-2020-7021 via org.elasticsearch:elasticsearch (>=0.6.0 <=6.8.13)
org.elasticsearch:elasticsearch MAVEN version =0.6.0, =0.7.0, =0.6.1, =0.11.0, =0.3.0, =1.0.1, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.2.1 - ca.uhn.hapi.fhir:hapi-fhir-jpaserver-starter =5.2.0 and more Source cves: CVE-2020-7021 Source advisory: OSV:GHSA-CQGV-256R-M9R8...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (=5.1.0), ca.uhn.hapi.fhir:hapi-fhir-cli-jpaserver (=5.1.0) +152 more potentially affected by CVE-2020-5411 via org.springframework.batch:spring-batch-core (>=4.0.0.RELEASE <=4.2.2.RELEASE)
org.springframework.batch:spring-batch-core MAVEN version =4.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =4.2.0, =4.2.0, =3.0.0, =2020.08.001 and more Source cves: CVE-2020-5411 Source advisory: OSV:GHSA-4PH4-Q9R5-6WM6...
br.com.caelum.vraptor:vraptor-environment (=1.0.1), br.com.caelum.vraptor:vraptor-freemarker (>=1.0.1 <=1.1.0) +411 more potentially affected by CVE-2010-1622 via org.springframework:spring (>=2.5.1 <=2.5.6.SEC03)
org.springframework:spring MAVEN version =2.5.1, =1.0.1, =1.0.1, =3.1.1, =1.1, =1.1, =1.2, =1.2.1 and more Source cves: CVE-2010-1622 Source advisory: OSV:GHSA-VPR3-F594-MG5G...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.1.0 <=5.2.1), ca.uhn.hapi.fhir:hapi-fhir-cli-jpaserver (>=5.1.0 <=5.2.1) +484 more potentially affected by CVE-2019-7611 via org.elasticsearch:elasticsearch (>=6.0.0 <=6.6.0)
org.elasticsearch:elasticsearch MAVEN version =6.0.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =0.1.0, =4.0.0-beta-1, =1.2.0.RELEASE, =1.1.1.RELEASE, =1.4.2.RELEASE - cn.patterncat:spring-boot-starter-elasticsearch =0.0.1 - cn.xphsc:elasticsearch-rest-plus =1.0.2 and more...