CVE-2023-28465 | FHIR Core Libraries prior 5.6.106 on CVE package-decompression path traversal (GHSA-9654-pr4f-gh6m)

Posted by Angelo Barbosa | Dec 12, 2023 | CVE

A vulnerability was found in FHIR Core Libraries on CVE. It has been rated as critical. Affected by this issue is some unknown functionality of the component package-decompression. The manipulation leads to path traversal.

This vulnerability is handled as CVE-2023-28465. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-28465 | FHIR Core Libraries prior 5.6.106 on CVE package-decompression path traversal (GHSA-9654-pr4f-gh6m)

Related Posts

CVE-2024-24845 | Post Thumbnail Editor Plugin up to 2.4.8 on WordPress information disclosure

CVE-2024-1463 | LearnPress Plugin up to 4.2.6.3 on WordPress cross site scripting

CVE-2024-30292 | Adobe Framemaker up to 2020.5/2022.3 out-of-bounds write (apsb24-37)

CVE-2023-39804 | GNU Tar PAX Archive xheader.c locate_handler denial of service