Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-22974: OpenEMR Patches - OpenEMR Project Wiki

A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.

CVE
#sql#web#windows#google#linux#js#git#java#php#pdf#oauth#auth#docker#sap#ssl

From OpenEMR Project Wiki

**

7.0.0 Patch (11/30/22)

****Download link****Description**

This is the 2nd patch and also includes changes from prior patches. Please read through the list of modified files to ensure you haven’t customized any of these, since this will copy over this.

Installation instructions****Windows

1. Extract the zipped file into the openemr web directory, and say yes to copying over files

2. Open web browser and go to http://your_server_name_or_ip/openemr/sql_patch.php

(this script will run automatically and patch the database)

(if you are using the Multisite Module, then skip step 2 and follow these instructions)

3. Delete the sql_patch.php file from the openemr web directory

4. Delete the following files (if they exist) from the openemr web directory:

‘contrib/icd10/Zip File 3 2022 ICD-10-PCS Codes File.zip’

‘contrib/icd10/2022-Code Descriptions.zip’

Linux

1. Move the patch file to the openemr web directory, then type 'unzip 7-0-0-Patch-2.zip’, and confirm ok to copy over files.

2. Open web browser and go to http://your_server_name_or_ip/openemr/sql_patch.php

(this script will run automatically and patch the database)

(if you are using the Multisite Module, then skip step 2 and follow these instructions)

3. Delete the sql_patch.php file from the openemr web directory

4. Delete the following files (if they exist) from the openemr web directory:

‘contrib/icd10/Zip File 3 2022 ICD-10-PCS Codes File.zip’

‘contrib/icd10/2022-Code Descriptions.zip’

Fixes and New Features

(note the ones with ** are new with this patch):

  • Security fixes reported by Dennis Brinkrolf, Sonar (https://sonarsource.com) (fixed by Brady Miller)**
  • Security fixes reported via huntr.dev (fixed by Brady Miller and Stephen Waite)**
  • New Form Builder (by Jerry Padgett)**
  • New Telehealth Module (by Stephen Nielson and Sherwin Gaddis)**
  • New PKCE support for Oauth2 (by Stephen Nielson)**
  • CCDA improvements and fixes (by Jerry Padgett)**
  • FHIR improvements and fixes (by Stephen Nielson)**
  • Prescription and medication improvements and fixes (by Simon Quigley and Jerry Padgett)**
  • Patient portal improvements (by Jerry Padgett and Stephen Waite)**
  • Vitals form improvement and fixes (by Stephen Nielson and Stephen Waite)**
  • ICD10 codes update (by Stephen Waite)**
  • ICD10 import improvements (by Stephen Waite)**
  • Google sign-in module fixes (by Saparbek-Nagashibekov)**
  • Billing fixes (by Stephen Waite)**
  • Payment fixes (by Stephen Waite)**
  • Encounter fixes (by Jerry Padgett and Sherwin Gaddis)**
  • Track anything module fix (by Stephen Waite)**
  • File white listing fixes (by Stephen Waite and Brady Miller)**
  • Login screen fixes (by Tyler Wrenn)**
  • Patient portal registration fix (by Tyler Wrenn)**
  • GAD7 form improvements (by ruthkonyn)**
  • New Real World Testing report (by Brady Miller)**
  • PHP 8.1 fixes (by Stephen Waite)**
  • PHP 7.4 fixes (by Brady Miller)**
  • Security fixes (fixes by Brady Miller and Stephen Waite)
  • Vitals form fix (fix by Stephen Waite)
  • Patient search fix (fix by David Eschelbacher)
  • CCDA fix for large amount of data (fix by Jerry Padgett)
  • Patient history form fix (fix by Rod Roark)
  • Patient portal EASIPRO fix (fix by Jerry Padgett)
  • Patient portal history form fix (fix by Brady Miller)
  • Added voided claim to misc billing options and 837 file (by Stephen Waite)
  • PHP 8.1 fixes (fixes by Stephen Waite)

List of files (7.0.0) Patch 2

API_README.md apis/dispatch.php ccdaservice/oe-blue-button-generate/index.js ccdaservice/oe-blue-button-generate/lib/documentLevel.js ccdaservice/oe-blue-button-generate/lib/htmlHeaders.js ccdaservice/oe-blue-button-generate/lib/translate.js ccdaservice/oe-blue-button-meta/lib/oids.js ccdaservice/serveccda.js contrib/icd10/2023 Code Descriptions in Tabular Order.zip contrib/icd10/Zip File 3 2023 ICD-10-PCS Codes File.zip controllers/C_Document.class.php custom/zutil.cli.doc_import.php docker/library/api-scope-listing FHIR_README.md .gitignore interface/billing/edi_271.php interface/billing/edit_payment.php interface/billing/payment_pat_sel.inc.php interface/billing/search_payments.php interface/billing/sl_eob_invoice.php interface/code_systems/dataloads_ajax.php interface/code_systems/list_staged.php interface/forms/care_plan/report.php interface/forms/eye_mag/php/eye_mag_functions.php interface/forms/eye_mag/php/taskman_functions.php interface/forms/fee_sheet/new.php interface/forms/fee_sheet/review/fee_sheet_ajax.php interface/forms/fee_sheet/review/fee_sheet_options_ajax.php interface/forms/fee_sheet/review/fee_sheet_review_view_model.js interface/forms/fee_sheet/review/initialize_review.php interface/forms/gad7/gad7.inc.php interface/forms/gad7/gad7_javasrc.js interface/forms/gad7/new.php interface/forms/gad7/report.php interface/forms/gad7/view.php interface/forms/LBF/new.php interface/forms/LBF/printable.php interface/forms/misc_billing_options/new.php interface/forms/misc_billing_options/report.php interface/forms/newpatient/save.php interface/forms/questionnaire_assessments/info.txt interface/forms/questionnaire_assessments/lforms/fhir/lformsFHIRAll.min.js interface/forms/questionnaire_assessments/lforms/fhir/lformsFHIRAll.min.js.map interface/forms/questionnaire_assessments/lforms/fhir/R4/lformsFHIR.min.js interface/forms/questionnaire_assessments/lforms/fhir/R4/lformsFHIR.min.js.map interface/forms/questionnaire_assessments/lforms/fhir/STU3/lformsFHIR.min.js interface/forms/questionnaire_assessments/lforms/fhir/STU3/lformsFHIR.min.js.map interface/forms/questionnaire_assessments/lforms/LICENSE.md interface/forms/questionnaire_assessments/lforms/README.md interface/forms/questionnaire_assessments/lforms/webcomponent/assets/lib/zone.min.js interface/forms/questionnaire_assessments/lforms/webcomponent/down_arrow_gray_10_10.png interface/forms/questionnaire_assessments/lforms/webcomponent/lhc-forms.es2015.js interface/forms/questionnaire_assessments/lforms/webcomponent/lhc-forms.es5.js interface/forms/questionnaire_assessments/lforms/webcomponent/magnifying_glass.png interface/forms/questionnaire_assessments/lforms/webcomponent/main-es2015.js interface/forms/questionnaire_assessments/lforms/webcomponent/main-es2015.js.map interface/forms/questionnaire_assessments/lforms/webcomponent/main-es5.js interface/forms/questionnaire_assessments/lforms/webcomponent/main-es5.js.map interface/forms/questionnaire_assessments/lforms/webcomponent/polyfills-es2015.js interface/forms/questionnaire_assessments/lforms/webcomponent/polyfills-es2015.js.map interface/forms/questionnaire_assessments/lforms/webcomponent/polyfills-es5.js interface/forms/questionnaire_assessments/lforms/webcomponent/polyfills-es5.js.map interface/forms/questionnaire_assessments/lforms/webcomponent/runtime-es2015.js interface/forms/questionnaire_assessments/lforms/webcomponent/runtime-es2015.js.map interface/forms/questionnaire_assessments/lforms/webcomponent/runtime-es5.js interface/forms/questionnaire_assessments/lforms/webcomponent/runtime-es5.js.map interface/forms/questionnaire_assessments/lforms/webcomponent/scripts.js interface/forms/questionnaire_assessments/lforms/webcomponent/styles.css interface/forms/questionnaire_assessments/lform_webcomponents.php interface/forms/questionnaire_assessments/new.php interface/forms/questionnaire_assessments/patient_portal.php interface/forms/questionnaire_assessments/questionnaire_assessments.php interface/forms/questionnaire_assessments/report.php interface/forms/questionnaire_assessments/save.php interface/forms/questionnaire_assessments/view.php interface/forms/track_anything/create.php interface/forms/track_anything/history.php interface/forms/track_anything/new.php interface/forms/vitals/C_FormVitals.class.php interface/forms/vitals/growthchart/chart.php interface/forms/vitals/templates/vitals/vitals_actions.html.twig interface/forms/vitals/templates/vitals/vitals_bmi.html.twig interface/forms/vitals/templates/vitals/vitals_bmi_status.html.twig interface/forms/vitals/templates/vitals/vitals_growthchart_actions.html.twig interface/forms/vitals/templates/vitals/vitals_historical_values_complete.html.twig interface/forms/vitals/templates/vitals/vitals_historical_values.html.twig interface/forms/vitals/templates/vitals/vitals.html.twig interface/forms/vitals/templates/vitals/vitals_interpretation_selector.html.twig interface/forms/vitals/templates/vitals/vitals_notes.html.twig interface/forms/vitals/templates/vitals/vitals_reason_row.html.twig interface/forms/vitals/templates/vitals/vitals_temp_method.html.twig interface/forms/vitals/templates/vitals/vitals_textbox_conversion.html.twig interface/forms/vitals/templates/vitals/vitals_textbox.html.twig interface/forms/vitals/vitals.css interface/login/login.php interface/main/backup.php interface/main/calendar/modules/PostCalendar/pnuserapi.php interface/main/finder/dynamic_finder_ajax.php interface/main/messages/messages.php interface/main/messages/save.php interface/main/tabs/menu/menus/standard.json interface/modules/custom_modules/oe-module-comlink-telehealth/CHANGELOG.md interface/modules/custom_modules/oe-module-comlink-telehealth/cleanup.sql interface/modules/custom_modules/oe-module-comlink-telehealth/info.txt interface/modules/custom_modules/oe-module-comlink-telehealth/moduleConfig.php interface/modules/custom_modules/oe-module-comlink-telehealth/openemr.bootstrap.php interface/modules/custom_modules/oe-module-comlink-telehealth/phpunit.xml interface/modules/custom_modules/oe-module-comlink-telehealth/public/assets/css/telehealth.css interface/modules/custom_modules/oe-module-comlink-telehealth/public/assets/js/cvb.min.js interface/modules/custom_modules/oe-module-comlink-telehealth/public/assets/js/telehealth-appointment.js interface/modules/custom_modules/oe-module-comlink-telehealth/public/assets/js/telehealth-calendar.js interface/modules/custom_modules/oe-module-comlink-telehealth/public/assets/js/telehealth.js interface/modules/custom_modules/oe-module-comlink-telehealth/public/assets/js/telehealth-patient.js interface/modules/custom_modules/oe-module-comlink-telehealth/public/assets/js/telehealth-provider.js interface/modules/custom_modules/oe-module-comlink-telehealth/public/index.php interface/modules/custom_modules/oe-module-comlink-telehealth/public/index-portal.php interface/modules/custom_modules/oe-module-comlink-telehealth/Readme.md interface/modules/custom_modules/oe-module-comlink-telehealth/sql/table.sql interface/modules/custom_modules/oe-module-comlink-telehealth/src/Bootstrap.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Controller/Admin/TeleHealthPatientAdminController.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Controller/Admin/TeleHealthUserAdminController.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Controller/TeleconferenceRoomController.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Controller/TeleHealthCalendarController.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Controller/TeleHealthFrontendSettingsController.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Controller/TeleHealthPatientPortalController.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Controller/TeleHealthVideoRegistrationController.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Exception/TelehealthProviderNotEnrolledException.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Exception/TeleHealthProviderSuspendedException.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Models/TeleHealthPersonSettings.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Models/TeleHealthUser.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Models/UserVideoRegistrationRequest.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Repository/CalendarEventCategoryRepository.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Repository/TeleHealthPersonSettingsRepository.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Repository/TeleHealthProviderRepository.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Repository/TeleHealthSessionRepository.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Repository/TeleHealthUserRepository.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Services/TelehealthRegistrationCodeService.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Services/TeleHealthRemoteRegistrationService.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/TelehealthGlobalConfig.php interface/modules/custom_modules/oe-module-comlink-telehealth/src/Util/CalendarUtils.php interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/admin/user_admin-extension.html.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/appointment/add_edit_event.js.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/conference-room.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/patient-portal.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/telehealth-frontend-settings.js.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/video-control-bar.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/waiting-room-patient.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/waiting-room-provider.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/comlink/waiting-room.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/emails/partials/patient/email-message-fhir-access.html.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/emails/partials/patient/email-message-fhir-access.text.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/patient/partials/registration-code.html.twig interface/modules/custom_modules/oe-module-comlink-telehealth/templates/portal/appointment-item.html.twig interface/modules/custom_modules/oe-module-comlink-telehealth/tests/bootstrap.php interface/modules/custom_modules/oe-module-comlink-telehealth/tests/Tests/Unit/TeleconferenceRoomControllerTest.php interface/modules/custom_modules/oe-module-comlink-telehealth/tests/Tests/Unit/TeleHealthUserRepositoryTest.php interface/modules/custom_modules/oe-module-comlink-telehealth/tests/Tests/Unit/TeleHealthVideoRegistrationControllerTest.php interface/modules/custom_modules/oe-module-comlink-telehealth/welcome.php interface/modules/zend_modules/module/Application/src/Application/Model/ApplicationTable.php interface/modules/zend_modules/module/Application/src/Application/Plugin/CommonPlugin.php interface/modules/zend_modules/module/Application/view/application/sendto/send.phtml interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Controller/CarecoordinationController.php interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Controller/EncounterccdadispatchController.php interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Controller/EncountermanagerController.php interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Model/CarecoordinationTable.php interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Model/CcdaGenerator.php interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Model/CcdaServiceDocumentRequestor.php interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Model/CcdaServiceRequestModelGenerator.php interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Model/EncounterccdadispatchTable.php interface/modules/zend_modules/module/Carecoordination/src/Carecoordination/Model/EncountermanagerTable.php interface/modules/zend_modules/module/Carecoordination/view/carecoordination/carecoordination/upload.phtml interface/modules/zend_modules/module/Carecoordination/view/carecoordination/encountermanager/index.phtml interface/modules/zend_modules/public/index.php interface/orders/receive_hl7_results.inc.php interface/orders/single_order_results.inc.php interface/patient_file/deleter.php interface/patient_file/education.php interface/patient_file/encounter/forms.php interface/patient_file/front_payment_cc.php interface/patient_file/history/encounters.php interface/patient_file/printed_fee_sheet.php interface/patient_file/report/custom_report.php interface/patient_file/summary/add_edit_amendments.php interface/patient_file/summary/create_portallogin.php interface/patient_file/summary/demographics.php interface/patient_file/summary/demographics_print.php interface/patient_file/summary/demographics_save.php interface/patient_file/summary/list_amendments.php interface/patient_file/summary/print_amendments.php interface/patient_file/summary/stats.php interface/patient_file/summary/track_anything_fragment.php interface/patient_file/transaction/print_referral.php interface/patient_tracker/patient_tracker.php interface/reports/rwt_2023_report.php interface/smart/register-app.php interface/super/edit_globals.php interface/super/edit_layout.php interface/super/manage_document_templates.php interface/super/manage_site_files.php interface/usergroup/facility_admin.php interface/usergroup/user_admin.php interface/usergroup/usergroup_admin_add.php library/ajax/billing_tracker_ajax.php library/classes/Controller.class.php library/classes/Document.class.php library/classes/Installer.class.php library/classes/InsuranceNumbers.class.php library/classes/Prescription.class.php library/classes/rulesets/Amc/library/AmcItemizedActionData.php library/classes/TreeMenu.php library/classes/X12Partner.class.php library/clinical_rules.php library/dialog.js library/direct_message_check.inc library/documents.php library/globals.inc.php library/htmlspecialchars.inc.php library/js/ajtooltip.js library/MedEx/API.php library/options.inc.php library/patient.inc library/payment.inc.php library/pnotes.inc library/standard_tables_capture.inc portal/account/register.php portal/add_edit_event_user.php portal/get_patient_info.php portal/get_pro.php portal/home.php portal/import_template.php portal/import_template_ui.php portal/index.php portal/lib/appsql.class.php portal/lib/download_template.php portal/messaging/secure_chat.php portal/patient/fwk/libs/verysimple/Phreeze/Criteria.php portal/patient/fwk/libs/verysimple/Phreeze/DataPage.php portal/patient/fwk/libs/verysimple/Phreeze/DataSet.php portal/patient/fwk/libs/verysimple/Phreeze/Phreezable.php portal/patient/fwk/libs/verysimple/Phreeze/Reporter.php portal/patient/libs/Controller/PortalPatientController.php portal/patient/scripts/app/onsitedocuments.js portal/patient/templates/OnsiteActivityViewListView.tpl.php portal/patient/templates/OnsiteDocumentListView.tpl.php portal/patient/templates/ProviderHome.tpl.php portal/questionnaire_render.php portal/report/portal_patient_report.php portal/sign/lib/save-signature.php portal/sign/lib/show-signature.php _rest_config.php _rest_routes.inc.php setup.php sites/default/documents/custom_menus/Custom.json sql/database.sql sql_patch.php sql/patch.sql src/Billing/BillingProcessor/BillingClaim.php src/Billing/BillingProcessor/Tasks/GeneratorHCFA_PDF_IMG.php src/Billing/BillingProcessor/Tasks/GeneratorX12.php src/Billing/BillingProcessor/X12RemoteTracker.php src/Billing/BillingReport.php src/Billing/Claim.php src/Billing/Hcfa1500.php src/Billing/X125010837P.php src/Common/Auth/OpenIDConnect/Grant/CustomAuthCodeGrant.php src/Common/Auth/OpenIDConnect/Grant/CustomPasswordGrant.php src/Common/Auth/OpenIDConnect/Grant/CustomRefreshTokenGrant.php src/Common/Auth/OpenIDConnect/Repositories/ScopeRepository.php src/Common/Auth/OpenIDConnect/SMARTSessionTokenContextBuilder.php src/Common/Command/CreateClientCredentialsAssertionCommand.php src/Common/Forms/CoreFormToPortalUtility.php src/Common/Http/HttpRestRequest.php src/Common/Http/HttpRestRouteHandler.php src/Common/Logging/EventAuditLogger.php src/Common/ORDataObject/Address.php src/Common/ORDataObject/ContactAddress.php src/Common/Session/SessionUtil.php src/Common/Twig/TwigExtension.php src/Common/Utils/CacheUtils.php src/Common/Uuid/UuidRegistry.php src/Core/Header.php src/Core/ModulesApplication.php src/Core/ModulesClassLoader.php src/Cqm/Qdm/BaseTypes/AbstractType.php src/Cqm/Qdm/BaseTypes/DateTime.php src/Cqm/QrdaControllers/QrdaReportController.php src/Events/Core/TemplatePageEvent.php src/Events/Patient/Summary/PortalCredentialsTemplateDataFilterEvent.php src/Events/Patient/Summary/PortalCredentialsUpdatedEvent.php src/Events/User/UserEditRenderEvent.php src/FHIR/SMART/Capability.php src/FHIR/SMART/SMARTLaunchToken.php src/Gacl/Gacl.php src/Patient/Cards/PortalCard.php src/PatientPortal/Chat/ChatController.php src/Reports/RealWorldTesting.php src/RestControllers/AppointmentRestController.php src/RestControllers/AuthorizationController.php src/RestControllers/FHIR/FhirAppointmentRestController.php src/RestControllers/FHIR/FhirDocumentRestController.php src/RestControllers/FHIR/FhirMetaDataRestController.php src/RestControllers/FHIR/Operations/FhirOperationDefinitionRestController.php src/RestControllers/FHIR/Operations/FhirOperationExportRestController.php src/RestControllers/RestControllerHelper.php src/RestControllers/SMART/SMARTConfigurationController.php src/Rx/RxList.php src/Services/AppointmentService.php src/Services/BaseService.php src/Services/Cda/CdaTemplateImportDispose.php src/Services/Cda/CdaTemplateParse.php src/Services/Cda/CdaValidateDocuments.php src/Services/Cda/XmlExtended.php src/Services/ClinicalNotesService.php src/Services/DocumentService.php src/Services/DocumentTemplates/DocumentTemplateService.php src/Services/FHIR/DiagnosticReport/FhirDiagnosticReportClinicalNotesService.php src/Services/FHIR/DiagnosticReport/FhirDiagnosticReportLaboratoryService.php src/Services/FHIR/DocumentReference/FhirClinicalNotesService.php src/Services/FHIR/DocumentReference/FhirPatientDocumentReferenceService.php src/Services/FHIR/FhirAllergyIntoleranceService.php src/Services/FHIR/FhirAppointmentService.php src/Services/FHIR/FhirCarePlanService.php src/Services/FHIR/FhirCareTeamService.php src/Services/FHIR/FhirConditionService.php src/Services/FHIR/FhirCoverageService.php src/Services/FHIR/FhirDeviceService.php src/Services/FHIR/FhirEncounterService.php src/Services/FHIR/FhirGoalService.php src/Services/FHIR/FhirImmunizationService.php src/Services/FHIR/FhirLocationService.php src/Services/FHIR/FhirMedicationRequestService.php src/Services/FHIR/FhirMedicationService.php src/Services/FHIR/FhirPatientService.php src/Services/FHIR/FhirPersonService.php src/Services/FHIR/FhirPractitionerRoleService.php src/Services/FHIR/FhirPractitionerService.php src/Services/FHIR/Group/FhirPatientProviderGroupService.php src/Services/FHIR/Observation/FhirObservationLaboratoryService.php src/Services/FHIR/Observation/FhirObservationSocialHistoryService.php src/Services/FHIR/Observation/FhirObservationVitalsService.php src/Services/FHIR/Organization/FhirOrganizationFacilityService.php src/Services/FHIR/Organization/FhirOrganizationInsuranceService.php src/Services/FHIR/Organization/FhirOrganizationProcedureProviderService.php src/Services/FHIR/Procedure/FhirProcedureOEProcedureService.php src/Services/FHIR/Procedure/FhirProcedureSurgeryService.php src/Services/FHIR/Traits/FhirBulkExportDomainResourceTrait.php src/Services/FHIR/UtilsService.php src/Services/LocationService.php src/Services/PatientService.php src/Services/PatientTrackerService.php src/Services/Qdm/Services/ImmunizationAdministeredService.php src/Services/QuestionnaireResponseService.php src/Services/QuestionnaireService.php src/Services/QuestionnaireTraits.php src/Services/Search/DateSearchField.php src/Services/Search/SearchFieldStatementResolver.php src/Services/SurgeryService.php src/Services/UserService.php .stylelintrc.json swagger/index.html swagger/openemr-api.yaml templates/core/about.html.twig templates/emails/partials/patient/email-message-fhir-access.html.twig templates/login/login_core.html.twig templates/patient/card/medication.html.twig templates/patient/partials/portal.html.twig templates/patient/portal_login/print.html.twig templates/portal/home.html.twig tests/bootstrap.php tests/Tests/Api/ApiTestClient.php tests/Tests/Api/CapabilityFhirTest.php tests/Tests/Unit/Common/Http/HttpRestParsedRouteTest.php version.php

Previous Patches

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907