HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...

HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...

HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...

HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...

SUSE CVE-2026-32287

Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true"...

CVE-2026-32287

Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true"...

UBUNTU-CVE-2026-32287

Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true"...

CVE-2026-32287

Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true"...

NewStart CGSL MAIN 6.06 (SP) : netcf Vulnerability (NS-SA-2026-0026)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has netcf packages installed that are affected by a vulnerability: - The findifcfgpath function in netcf before 0.2.7 might allow attackers to cause a denial of service application crash via vectors involving augeas path expressions...

CVE-2026-1615

CVE-2026-1615 affects the jsonpath family (e.g., org.webjars.npm:jsonpath, jsonpath) with Arbitrary Code Injection due to unsafe evaluation of user-supplied JSON Path expressions. The root cause is use of the static-eval module to process JSON Path input, which is not safe for untrusted data, all...

CVE-2026-1615

Versions of the package jsonpath before 1.3.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to process JSON Path input, which is not designed to handle untrusted data safely. An attacker can...

MiracleLinux 4 : netcf-0.2.4-3.AXS4 (AXBA:2015-387:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXBA:2015-387:01 advisory. - The findifcfgpath function in netcf before 0.2.7 might allow attackers to cause a denial of service application crash via vectors involving augeas path...

EUVD-2014-7964

Malware in sbrugna...

USN-7743-1: libxml2 vulnerability

Nikita Sveshnikov discovered that libxml2 incorrectly handled recursion when processing XPath expressions. An attacker could possibly use this issue to cause a denial of service...

libxml: Heap use after free (UAF) leads to Denial of service (DoS)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

CLSA-2025-1753298604 Fix CVE(s): CVE-2025-49794, CVE-2025-49796

SECURITY UPDATE: memory vulnerabilities in schematron - debian/patches/CVE-2025-49794CVE-2025-49796.patch: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements and memory corruption issue triggered by processing sch:name elements in input XML file - CVE-2025-49794 -...

libxml: Null pointer dereference leads to Denial of service (DoS)

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service...

CVE-2025-49794

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

libxml2 安全漏洞

libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, and XSH. A security vulnerability exists in libxml2 that stems from a null pointer dereference issue when processing XPath XML expressions, which could lead to...

SUSE CVE-2025-49795

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service...