Filtered by vendor Dev.dsf
Subscriptions
Filtered by product Dsf-common-jetty
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-40939 | 2 Datasharingframework, Dev.dsf | 4 Dsf, Dsf-bpe-server, Dsf-common-jetty and 1 more | 2026-04-22 | N/A |
| The Data Sharing Framework (DSF) implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired. This vulnerability is fixed in 2.1.0. | ||||
Page 1 of 1.