Every CVE whose affected-product data names Fhir Hapi Fhir, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-12741 — CVSS 6.1 (medium): XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters…
CVE-2021-32053 — CVSS 5.3 (medium): JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service (e.g., disable access to the database after the attack stops) via…