3 matches found
Spark Information Disclosure Vulnerability (CNVD-2021-37593)
Spark is a public domain FHIR server developed using C. A security vulnerability exists in versions prior to Firely/Incendi Spark 1.5.5-r4, which stems from the lack of a Content-Disposition header in some cases, which could result in carefully crafted files being delivered to the client to be...
CVE-2021-32054
Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations, which may cause crafted files to be delivered to clients such that they are rendered directly in a victim's web browser...
Firely/Incendi Spark 安全漏洞
Spark is a public domain FHIR server developed using C. A security vulnerability exists in versions prior to Firely/Incendi Spark 1.5.5-r4, which stems from the lack of a Content-Disposition header in some cases, which could result in carefully crafted files being delivered to the client to be...