CVE-2024-51132

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-51132

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-51132.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-51132

Aliases

GHSA-4cf2-cxp3-rjr7

Published

2024-11-05T17:15:07Z

Modified

2024-11-06T22:48:47.784680Z

Summary

[none]

Details

An XML External Entity (XXE) vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities.

References

Affected packages

Git / github.com/hapifhir/org.hl7.fhir.core

Affected ranges

Type: GIT
Repo: https://github.com/hapifhir/org.hl7.fhir.core
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

26c445c8fc841d5e73c4662391b970f4a2bcc805

Affected versions

1.*

1.1.67

5.*

5.0.10

5.0.11

5.0.12

5.0.13

5.0.14

5.0.15

5.0.16

5.0.17

5.0.18

5.0.19

5.0.20

5.0.21

5.0.22

5.0.6

5.0.7

5.0.8

5.0.9

5.1.1

5.1.10

5.1.11

5.1.12

5.1.13

5.1.14

5.1.15

5.1.16

5.1.17

5.1.18

5.1.19

5.1.2

5.1.20

5.1.21

5.1.22

5.1.3

5.1.4

5.1.5

5.1.6

5.1.7

5.1.8

5.1.9

5.2.1

5.2.10

5.2.11

5.2.12

5.2.13

5.2.16

5.2.18

5.2.19

5.2.20

5.2.3

5.2.4

5.2.5

5.2.7

5.2.9

5.3.1

5.3.10

5.3.11

5.3.12

5.3.14

5.3.2

5.3.3

5.3.4

5.3.5

5.3.6

5.3.7

5.3.8

5.3.9

5.4.1

5.4.10

5.4.11

5.4.12

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.1

5.5.10

5.5.11

5.5.12

5.5.13

5.5.14

5.5.15

5.5.3

5.5.4

5.5.6

5.5.7

5.5.8

5.5.9

5.6.0

5.6.1

5.6.100

5.6.101

5.6.102

5.6.103

5.6.104

5.6.105

5.6.106

5.6.107

5.6.108

5.6.109

5.6.110

5.6.111

5.6.112

5.6.113

5.6.114

5.6.115

5.6.116

5.6.117

5.6.15

5.6.17

5.6.18

5.6.19

5.6.20

5.6.21

5.6.22

5.6.23

5.6.24

5.6.25

5.6.26

5.6.27

5.6.28

5.6.29

5.6.3

5.6.30

5.6.31

5.6.32

5.6.33

5.6.34

5.6.35

5.6.36

5.6.37

5.6.38

5.6.39

5.6.4

5.6.40

5.6.41

5.6.42

5.6.43

5.6.44

5.6.45

5.6.46

5.6.47

5.6.48

5.6.5

5.6.50

5.6.51

5.6.52

5.6.53

5.6.54

5.6.55

5.6.56

5.6.57

5.6.58

5.6.59

5.6.6

5.6.60

5.6.61

5.6.62

5.6.63

5.6.64

5.6.65

5.6.66

5.6.67

5.6.68

5.6.69

5.6.7

5.6.70

5.6.71

5.6.72

5.6.73

5.6.74

5.6.75

5.6.76

5.6.77

5.6.78

5.6.79

5.6.80

5.6.81

5.6.82

5.6.83

5.6.84

5.6.85

5.6.86

5.6.87

5.6.88

5.6.89

5.6.9

5.6.90

5.6.91

5.6.92

5.6.93

5.6.94

5.6.95

5.6.96

5.6.97

5.6.98

5.6.99

6.*

6.0.0

6.0.1

6.0.10

6.0.11

6.0.12

6.0.13

6.0.14

6.0.15

6.0.16

6.0.17

6.0.18

6.0.19

6.0.2

6.0.20

6.0.21

6.0.22

6.0.23

6.0.24

6.0.25

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.0.9

6.1.0

6.1.1

6.1.10

6.1.11

6.1.12

6.1.13

6.1.14

6.1.15

6.1.16

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.1

6.2.10

6.2.11

6.2.12

6.2.13

6.2.14

6.2.15

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.2.9

6.3.0

6.3.1

6.3.10

6.3.11

6.3.12

6.3.13

6.3.14

6.3.15

6.3.16

6.3.17

6.3.18

6.3.19

6.3.2

6.3.20

6.3.21

6.3.22

6.3.23

6.3.24

6.3.25

6.3.26

6.3.27

6.3.28

6.3.29

6.3.3

6.3.30

6.3.31

6.3.32

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

v4.*

v4.0.0

v4.1.0

v5.*

v5.0.0

v5.1.0

v5.3.0

v5.4.0