Lucene search
K

13 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

opencms 安全漏洞

OpenCms is a CMS system developed by Fumiao as an individual developer. OpenCms v20 and earlier versions had security vulnerabilities, which stemmed from insecure XML parsing in the Admin Import DB function. The manifest.xml file provided by users in .zip files could lead to XML external entity...

9.8CVSS5.8AI score0.003EPSS
Exploits0References2
CVE
CVE
added 2024/12/13 4:8 p.m.60 views

CVE-2024-55887

Ucum-java (FHIR UCUM services) is vulnerable to XML External Entity (XXE) injections in XML parsing performed by UcumEssenceService in versions before 1.0.9. A crafted XML with a malicious DTD can cause data from the host system to be exposed when external clients submit XML. The fix is Release 1...

8.6CVSS8.5AI score0.00539EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/11/11 8:33 a.m.13 views

CVE-2024-52007

A flaw was found in HAPI FHIR - HL7 FHIR Core Artifacts. eXtensible Stylesheet Language Transformations XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host...

8.6CVSS8.2AI score0.00918EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/11/08 10:28 p.m.14 views

CVE-2024-52007 XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. XSLT parsing performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host...

8.6CVSS7AI score0.00918EPSS
Exploits0References6
OSV
OSV
added 2024/11/08 6:49 p.m.11 views

GHSA-GR3C-Q7XF-47VH XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

Summary XSLT parsing performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external...

8.6CVSS8.2AI score0.00918EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2024/11/08 6:49 p.m.18 views

XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

Summary XSLT parsing performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external...

8.6CVSS6.9AI score0.00918EPSS
Exploits0References8Affected Software6
GitLab Advisory Database
GitLab Advisory Database
added 2024/11/08 12:0 a.m.16 views

XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

XSLT parsing performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external clients...

8.6CVSS8.4AI score0.00918EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
added 2024/11/08 12:0 a.m.20 views

XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

XSLT parsing performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external clients...

8.6CVSS8.4AI score0.00918EPSS
Exploits0References9
GitLab Advisory Database
GitLab Advisory Database
added 2024/11/08 12:0 a.m.11 views

XXE vulnerability in XSLT parsing in `org.hl7.fhir.core`

XSLT parsing performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external clients...

8.6CVSS8.4AI score0.00918EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/09/06 3:46 p.m.18 views

CVE-2024-45294 `org.hl7.fhir.core` XXE vulnerability in XSLT transforms

The HL7 FHIR Core Artifacts repository provides the java core object handling code, with utilities including validator, for the Fast Healthcare Interoperability Resources FHIR specification. Prior to version 6.3.23, XSLT transforms performed by various components are vulnerable to XML external...

8.6CVSS7AI score0.00975EPSS
Exploits0References4
GitLab Advisory Database
GitLab Advisory Database
added 2024/09/06 12:0 a.m.39 views

XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`

XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external...

8.6CVSS8.4AI score0.00975EPSS
Exploits0References7
GitLab Advisory Database
GitLab Advisory Database
added 2024/09/06 12:0 a.m.43 views

XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`

XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external...

8.6CVSS8.4AI score0.00975EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.14 views

openSUSE: Security Advisory for apache (SUSE-SU-2023:4367-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.2AI score0.01855EPSS
Exploits0References2
Rows per page
Query Builder