VYPR

Maven package

org.fhir/ucum

pkg:maven/org.fhir/ucum

Vulnerabilities (1)

  • CVE-2024-55887HigDec 13, 2024
    affected < 1.0.9fixed 1.0.9

    Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host sys