Back to CVE List

CVE-2026-55470

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.5 / 10

Vulnerability Description

HAPI FHIR: Incomplete fix for CVE-2026-45367: DSTU2 FHIRPathEngine.matches() missing RegexTimeout protection allows ReDoS

Vulnerability Details

Published Date
Last Modified
Source
GitHub
Vendor
maven
Product
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2

External References

Discussion (0)

Add Comment

No comments yet. Be the first!