GHSA-vpxm-cr3r-pjp9: General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches
We recently underwent Penetration Testing of OpenMRS by a third-party company. Vulnerabilities were found, and fixes have been made and released. We’ve released security updates that include critical fixes, and so, we strongly recommend upgrading affected modules.
This notice applies to all OpenMRS instances. The testers used the OpenMRS v3 Reference Application (O3 RefApp); however, their findings highlighted modules commonly used in older OpenMRS applications, including the O2 RefApp.
References
Detect and mitigate GHSA-vpxm-cr3r-pjp9 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →