CVE-2023-28465

EPSS 0.74% · P73 Updated May 27, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-28465

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The package-decompression feature in HL7 (Health Level 7) FHIR Core Libraries before 5.6.106 allows attackers to copy arbitrary files to certain directories via directory traversal, if an allowed directory name is a substring of the directory name chosen by the attacker. NOTE: this issue exists because of an incomplete fix for CVE-2023-24057.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Health Level 7 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Health Level 7是Health Level 7公司的一系列用于在应用程序之间传输临床和管理健康数据的全球标准。 Health Level 7 5.6.106之前版本存在安全漏洞，该漏洞源于核心库中的包解压缩功能允许攻击者通过目录遍历将任意文件复制到某些目录。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2023-28465

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/shoucheng3/hapifhir__org_hl7_fhir_core_CVE-2023-28465_5-6-105	POC Details
2	None	https://github.com/shoucheng3/hapifhir__org_hl7_fhir_core_CVE-2023-28465_5-6-1055	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-28465

请登录查看更多情报信息。

Same Patch Batch · n/a · 2023-12-12 · 45 CVEs total

CVE-2023-41119	8.8 HIGH	EnterpriseDB Postgres Advanced Server 安全漏洞
CVE-2023-41117	8.8 HIGH	EnterpriseDB Postgres Advanced Server 安全漏洞
CVE-2023-48641	7.5 HIGH	Archer Platform 安全漏洞
CVE-2023-41114	6.5 MEDIUM	EnterpriseDB Postgres Advanced Server 安全漏洞
CVE-2023-41115	6.5 MEDIUM	EnterpriseDB Postgres Advanced Server 安全漏洞
CVE-2023-41120	6.5 MEDIUM	EnterpriseDB Postgres Advanced Server 安全漏洞
CVE-2023-41116	4.3 MEDIUM	EnterpriseDB Postgres Advanced Server 安全漏洞
CVE-2023-41113	4.3 MEDIUM	EnterpriseDB Postgres Advanced Server 安全漏洞
CVE-2023-41118		EnterpriseDB Postgres Advanced Server 安全漏洞
CVE-2023-41623		Emlog 安全漏洞
CVE-2023-46455		GL.iNet GL-AR300M安全漏洞
CVE-2023-43364		Searchor 安全漏洞
CVE-2023-46454		GL.iNET GL-AR300M 安全漏洞
CVE-2023-49991		eSpeak NG 安全漏洞
CVE-2009-4123		JRuby-OpenSSL 安全漏洞
CVE-2023-50495		Ncurses 安全漏洞
CVE-2023-49994		eSpeak NG 安全漏洞
CVE-2023-49993		eSpeak NG 安全漏洞
CVE-2023-49992		eSpeak NG 安全漏洞
CVE-2023-49563		Voltronic Power SNMP Web Pro 安全漏洞

Showing top 20 of 45 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2023-28465

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-28465

I. Basic Information for CVE-2023-28465

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-28465

III. Intelligence Information for CVE-2023-28465

Same Patch Batch · n/a · 2023-12-12 · 45 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-28465

Leave a comment