9 matches found
EUVD-2024-3518
Malicious code in bioql PyPI...
CVE-2024-55887
A flaw was found in the ucum-java library for FHIR. XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where ucum is being use...
CVE-2024-55887
Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts...
CVE-2024-55887 Ucum-java has an XXE vulnerability in XML parsing
Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts...
CVE-2024-55887 Ucum-java has an XXE vulnerability in XML parsing
Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts...
CVE-2024-55887 Ucum-java has an XXE vulnerability in XML parsing
Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts...
CVE-2024-55887
Ucum-java (FHIR UCUM services) is vulnerable to XML External Entity (XXE) injections in XML parsing performed by UcumEssenceService in versions before 1.0.9. A crafted XML with a malicious DTD can cause data from the host system to be exposed when external clients submit XML. The fix is Release 1...
Ucum-java code issue vulnerability
Ucum-java is an open source FHIR Java library that provides UCUM services. A code issue vulnerability exists in Ucum-java versions prior to 1.0.9 that stems from the XML parsing performed by the UcumEssenceService being vulnerable to XML external entity injection, resulting in external client...
PT-2024-9589 · Ucum-Java · Ucum-Java
Name of the Vulnerable Software and Affected Versions: Ucum-java versions prior to 1.0.9 Description: The issue is related to XML external entity injections in the UcumEssenceService. This occurs when XML parsing is performed, allowing a malicious DTD tag in a processed XML file to produce XML...