Vulnerabilities > HL7

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-26	CVE-2023-24057	Path Traversal vulnerability in multiple products HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive). network high complexity hl7 hapifhir CWE-22	8.1
2014-09-02	CVE-2014-5452	Cross-Site Scripting vulnerability in HL7 C-Cda 1.1 CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during unrestricted xsl:copy operations. network hl7 CWE-79	4.3
2014-09-02	CVE-2014-3862	Information Exposure vulnerability in HL7 C-Cda 1.1 CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log. network hl7 CWE-200	4.3
2014-09-02	CVE-2014-3861	Cross-Site Scripting vulnerability in HL7 C-Cda 1.1 Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element. network hl7 CWE-79	4.3

Vulnerabilities > HL7 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"HL7"}]}