Vulnerabilities > Hapifhir

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-12	CVE-2023-28465	Path Traversal vulnerability in Hapifhir HL7 Fhir Core The package-decompression feature in HL7 (Health Level 7) FHIR Core Libraries before 5.6.106 allows attackers to copy arbitrary files to certain directories via directory traversal, if an allowed directory name is a substring of the directory name chosen by the attacker. network low complexity hapifhir CWE-22	7.5
2023-01-26	CVE-2023-24057	Path Traversal vulnerability in multiple products HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive). network high complexity hl7 hapifhir CWE-22	8.1
2020-10-08	CVE-2020-24301	Cross-site Scripting vulnerability in Hapifhir Testpage Overlay 5.0.0 Users of the HAPI FHIR Testpage Overlay 5.0.0 and below can use a specially crafted URL to exploit an XSS vulnerability in this module, allowing arbitrary JavaScript to be executed in the user's browser. network low complexity hapifhir CWE-79	6.1

Vulnerabilities > Hapifhir {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Hapifhir"}]}