VYPR

Dsf

by Datasharingframework

Source repositories

CVEs (2)

  • CVE-2026-40939MedApr 21, 2026
    risk 0.37cvss epss 0.00

    The Data Sharing Framework (DSF) implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access…

  • CVE-2026-40942MedApr 21, 2026
    risk 0.34cvss epss 0.00

    The Data Sharing Framework (DSF) implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, The OIDC JWKS and Metadata Document caches used an inverted time comparison (isBefore instead of isAfter), causing the cache to never return…