2 matches found
GHSA-9654-PR4F-GH6M HL7 FHIR Partial Path Zip Slip due to bypass of CVE-2023-24057
Impact Zip Slip protections implemented in CVE-2023-24057 GHSA-jqh6-9574-5x22 can be bypassed due a partial path traversal vulnerability. This issue allows a malicious actor to potentially break out of the TerminologyCacheManager cache directory. The impact is limited to sibling directories. To...
GHSA-JQH6-9574-5X22 MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core`
Impact MITM can enable Zip-Slip. Vulnerability Vulnerability 1: Scanner.java There is no validation that the zip file being unpacked has entries that are not maliciously writing outside of the intended destination directory...