org.hl7.fhir.dstu2

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-55470	Ca.uhn.hapi.fhir org.hl7.fhir.dstu2	hig	0.38	—	—		Jun 17, 2026	## Summary The fix for CVE-2026-45367 added `RegexTimeout` protection to the `matches()` function in DSTU2016MAY, DSTU3, R4, R4B, and R5, but the DSTU2 module was incompletely patched. In `org.hl7.fhir.dstu2`, `replaceMatches()` was updated while `matches()` at line 2462 still…

CVE-2026-55470higJun 17, 2026
Ca.uhn.hapi.fhir
org.hl7.fhir.dstu2
risk 0.38cvss —epss —
## Summary The fix for CVE-2026-45367 added `RegexTimeout` protection to the `matches()` function in DSTU2016MAY, DSTU3, R4, R4B, and R5, but the DSTU2 module was incompletely patched. In `org.hl7.fhir.dstu2`, `replaceMatches()` was updated while `matches()` at line 2462 still…