CVE-2023-24057
26.01.2023, 21:18
HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive).
| Vendor | Product | Version |
|---|---|---|
| hapifhir | hl7_fhir_core | 𝑥 < 5.6.92 |
| hl7 | fhir_ig_publisher | 𝑥 < 1.2.30 |
𝑥
= Vulnerable software versions