691 matches found
ca.uhn.hapi.fhir:hapi-fhir-testpage-overlay (>=0.4 <=0.5), ch.ralscha:extdirectspring (=1.4.0) +75 more potentially affected by CVE-2014-0054 via org.springframework:spring-webmvc (>=4.0.0.RELEASE <=4.0.1.RELEASE)
org.springframework:spring-webmvc MAVEN version =4.0.0.RELEASE, =0.4, =0.1.1-alpha, =0.2-alpha, =1.0.0, =2.0.3.2.1, =2.1.3.10.1, =2.0.3.6, =2.0.3.6, =2.1.2.7.1, =2.0.3.1, =2.1.4.19 and more Source cves: CVE-2014-0054 Source advisory: OSV:GHSA-8CMM-QJ8G-FCP6...
ca.uhn.hapi.fhir.karaf:hapi-fhir (>=3.3.0 <=3.7.0), com.esri.geoevent.sdk:geoevent-sdk (>=10.7.1 <=10.8.1) +118 more potentially affected by CVE-2021-44832 via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.10.0 <=1.10.8)
org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.10.0, =3.3.0, =10.7.1, =2.0.1, =1.2.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.61.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.24.01 and more Source cves: CVE-2021-44832 Source advisory: OSV:GHSA-8489-44MV-GGJ8...
ca.uhn.hapi.fhir.karaf:hapi-fhir (>=3.3.0 <=3.7.0), com.esri.geoevent.sdk:geoevent-sdk (>=10.7.1 <=10.8.1) +118 more potentially affected by CVE-2021-44228 +1 more via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.10.0 <=1.10.7)
org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.10.0, =3.3.0, =10.7.1, =2.0.1, =1.2.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.61.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.24.01 and more Source cves: CVE-2021-44228, CVE-2021-45046 Source advisory: OSV:GHSA-7RJR-3Q55-VV33...
ca.uhn.hapi.fhir.karaf:hapi-fhir (>=3.3.0 <=3.7.0), com.esri.geoevent.sdk:geoevent-sdk (>=10.7.1 <=10.8.1) +118 more potentially affected by CVE-2021-44228 via org.ops4j.pax.logging:pax-logging-log4j2 (>=1.10.0 <=1.10.7)
org.ops4j.pax.logging:pax-logging-log4j2 MAVEN version =1.10.0, =3.3.0, =10.7.1, =2.0.1, =1.2.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.61.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.24.01 and more Source cves: CVE-2021-44228 Source advisory: OSV:GHSA-JFH8-C2JP-5V3Q...
@3wks/gae-node-nestjs (>=0.1.0 <=6.0.0-rc.0), @aeroline_1025/hapi-corpsso (>=2.1.3 <=2.3.0) +72 more potentially affected by CVE-2021-39171 via passport-saml (>=0.12.0 <=2.2.0)
passport-saml NPM version =0.12.0, =0.1.0, =2.1.3, =1.0.0, =4.0.0, =0.0.0-nightly-2020972106, =3.4.2, =0.1.0, =1.0.0, =1.0.0, =2.4.0, =7.1.1, =6.2.2, =1.1.109, =1.3.78 and more Source cves: CVE-2021-39171 Source advisory: OSV:GHSA-5379-R78W-42H2...
br.com.swconsultoria:java-cte (>=3.00.4 <=3.00.8), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +1215 more potentially affected by CVE-2020-15522 via org.bouncycastle:bcprov-jdk16 (>=1.38 <=1.46)
org.bouncycastle:bcprov-jdk16 MAVEN version =1.38, =3.00.4, =3.00.3, =4.00.10, =1.0, =2.0, =1.2.4, =2.0.0, =2.1, =2.1, =2.10.0, =2.10.0, =2.11.0 and more Source cves: CVE-2020-15522 Source advisory: OSV:GHSA-6XX3-RG99-GC3P...
ai.grakn:grakn-dist (>=0.7.0 <=0.16.0), ai.grakn:grakn-test (=0.10.0) +1856 more potentially affected by CVE-2021-22144 via org.elasticsearch:elasticsearch (>=0.6.0 <=6.8.16)
org.elasticsearch:elasticsearch MAVEN version =0.6.0, =0.7.0, =0.6.1, =0.11.0, =0.3.0, =1.0.1, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.2.1 - ca.uhn.hapi.fhir:hapi-fhir-jpaserver-starter =5.2.0 and more Source cves: CVE-2021-22144 Source advisory: OSV:GHSA-3393-HVRJ-W7V3...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=5.7.9), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=5.7.9) +255 more potentially affected by CVE-2021-22135 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.11.1)
org.elasticsearch:elasticsearch MAVEN version =7.0.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =2.1.0.M8, =0.9.30, =0.9.30, =0.9.30, =0.9.70 and more Source cves: CVE-2021-22135 Source advisory: OSV:GHSA-62WW-4P3P-7FHJ...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=3.4.0 <=5.3.3), ca.uhn.hapi.fhir:hapi-fhir-cli-jpaserver (>=4.1.0 <=5.3.3) +34 more potentially affected by CVE-2021-32053 via ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base (>=0.9 <=5.3.3)
ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base MAVEN version =0.9, =3.4.0, =4.1.0, =5.3.0, =3.6.0, =5.3.0, =5.1.0, =5.3.0, =3.5.0, =4.0.0, =5.1.0, =0.9, =0.1.0-1, =0.1.0-2, =0.9, =1.10.5 - org.hspconsortium.reference:hspc-reference-api-fhir =0.9 and more Source cves: CVE-2021-32053 Source advisory:...
Uncontrolled Resource Consumption in JPA Server in HAPI FHIR
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
GHSA-67F6-C8MX-4Q2M Uncontrolled Resource Consumption in JPA Server in HAPI FHIR
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
Uncontrolled Resource Consumption
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
The vulnerability of the @hapi/hapi application library at Aurora Center, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of the @hapi/hapi application software library in Aurora Center is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow attackers to cause service failures...
CVE-2021-32053
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
CVE-2021-32053
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
Hardcoded credentials
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
CVE-2021-32053
CVE-2021-32053 affects HAPI FHIR’s JPA Server prior to 5.4.0. The issue allows denial of service through history requests: a SELECT COUNT triggers a full index scan, consuming server resources and potentially disabling access to the database when many concurrent history operations occur. Connecte...
CVE-2021-32053
JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...
HAPI FHIR Resource Management Error Vulnerability
HAPI FHIR is an HL7 FHIR API written in Java for individual developers. A security vulnerability exists in HAPI FHIR prior to version 5.4.0. An attacker could cause a denial of service to the program via a history request...
Uncontrolled Resource Consumption
JPA Server in HAPI FHIR allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are many...