Refine your search
38 vulnerabilities found for DCMTK by OFFIS
CVE-2022-4981 (GCVE-0-2022-4981)
Vulnerability from nvd
Published
2025-10-21 15:02
Modified
2025-10-21 15:22
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. Upgrading to version 3.6.8 is sufficient to resolve this issue. The patch is identified as 957fb31e5. Upgrading the affected component is advised.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4981",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T15:22:37.057203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:22:40.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://shimo.im/docs/e1Azd4dDQXUgOGqW/read"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"dcmqrscp"
],
"product": "DCMTK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.6.4"
},
{
"status": "affected",
"version": "3.6.5"
},
{
"status": "affected",
"version": "3.6.6"
},
{
"status": "affected",
"version": "3.6.7"
},
{
"status": "unaffected",
"version": "3.6.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zh_vul (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. Upgrading to version 3.6.8 is sufficient to resolve this issue. The patch is identified as 957fb31e5. Upgrading the affected component is advised."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in DCMTK up to 3.6.7 entdeckt. Betroffen ist die Funktion DcmQueryRetrieveConfig::readPeerList der Datei /dcmqrcnf.cc der Komponente dcmqrscp. Dank Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden. Das Aktualisieren auf Version 3.6.8 kann dieses Problem l\u00f6sen. Die Bezeichnung des Patches lautet 957fb31e5. Die Aktualisierung der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:02:13.727Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-329029 | DCMTK dcmqrscp dcmqrcnf.cc readPeerList null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.329029"
},
{
"name": "VDB-329029 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.329029"
},
{
"name": "Submit #673134 | DCMTK GitHub Repository DCMTK 3.6.5 NULL Pointer Dereference",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.673134"
},
{
"tags": [
"issue-tracking"
],
"url": "https://support.dcmtk.org/redmine/issues/1026"
},
{
"tags": [
"exploit"
],
"url": "https://shimo.im/docs/e1Azd4dDQXUgOGqW/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-10-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-19T12:32:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "DCMTK dcmqrscp dcmqrcnf.cc readPeerList null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2022-4981",
"datePublished": "2025-10-21T15:02:13.727Z",
"dateReserved": "2025-10-19T10:26:26.206Z",
"dateUpdated": "2025-10-21T15:22:40.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36855 (GCVE-0-2020-36855)
Vulnerability from nvd
Published
2025-10-21 15:02
Modified
2025-10-21 15:23
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. Upgrading to version 3.6.6 is sufficient to fix this issue. The identifier of the patch is 0fef9f02e. It is recommended to upgrade the affected component.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36855",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T15:23:22.095138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:23:26.003Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://shimo.im/docs/rp3OMVMDPKtjn0km/read"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"dcmqrscp"
],
"product": "DCMTK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.6.4"
},
{
"status": "affected",
"version": "3.6.5"
},
{
"status": "unaffected",
"version": "3.6.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zh_vul (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. Upgrading to version 3.6.6 is sufficient to fix this issue. The identifier of the patch is 0fef9f02e. It is recommended to upgrade the affected component."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in DCMTK up to 3.6.5 gefunden. Hiervon betroffen ist die Funktion parseQuota der Komponente dcmqrscp. Dank der Manipulation des Arguments StorageQuota mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden. Ein Aktualisieren auf die Version 3.6.6 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 0fef9f02e bezeichnet. Ein Upgrade der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:02:09.082Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-329028 | DCMTK dcmqrscp parseQuota stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.329028"
},
{
"name": "VDB-329028 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.329028"
},
{
"name": "Submit #673137 | DCMTK GitHub Repository DCMTK 3.6.5 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.673137"
},
{
"tags": [
"exploit"
],
"url": "https://shimo.im/docs/rp3OMVMDPKtjn0km/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-10-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-19T12:32:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "DCMTK dcmqrscp parseQuota stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2020-36855",
"datePublished": "2025-10-21T15:02:09.082Z",
"dateReserved": "2025-10-19T10:27:07.409Z",
"dateUpdated": "2025-10-21T15:23:26.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2357 (GCVE-0-2025-2357)
Vulnerability from nvd
Published
2025-03-17 01:31
Modified
2025-11-03 19:43
Severity ?
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption
Summary
A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-17T13:24:12.471452Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T13:28:21.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:43:06.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"dcmjpls JPEG-LS Decoder"
],
"product": "DCMTK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.6.9"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "0x20z (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue."
},
{
"lang": "de",
"value": "In DCMTK 3.6.9 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Komponente dcmjpls JPEG-LS Decoder. Durch Manipulieren mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Der Patch wird als 3239a7915 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T01:31:04.874Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-299824 | DCMTK dcmjpls JPEG-LS Decoder memory corruption",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.299824"
},
{
"name": "VDB-299824 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.299824"
},
{
"name": "Submit #513692 | DCMTK v3.6.9+DEV segmentation fault",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.513692"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://support.dcmtk.org/redmine/issues/1155"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://support.dcmtk.org/redmine/issues/1155?tab=history#note-1"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-15T23:13:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "DCMTK dcmjpls JPEG-LS Decoder memory corruption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2357",
"datePublished": "2025-03-17T01:31:04.874Z",
"dateReserved": "2025-03-15T22:06:35.006Z",
"dateUpdated": "2025-11-03T19:43:06.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25475 (GCVE-0-2025-25475)
Vulnerability from nvd
Published
2025-02-18 00:00
Modified
2025-11-03 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-25475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T21:07:26.514264Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T21:33:14.488Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:45:08.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T22:14:54.056Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=bffa3e9116abb7038b432443f16b1bd390e80245"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/bffa3e9116abb7038b432443f16b1bd390e80245"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-25475",
"datePublished": "2025-02-18T00:00:00.000Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-03T19:45:08.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25474 (GCVE-0-2025-25474)
Vulnerability from nvd
Published
2025-02-18 00:00
Modified
2025-11-03 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-25474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T21:11:50.295883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T21:12:30.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:45:06.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T22:17:30.058Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d205bcd307164c99e0d4bbf412110372658d847"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-25474",
"datePublished": "2025-02-18T00:00:00.000Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-03T19:45:06.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25472 (GCVE-0-2025-25472)
Vulnerability from nvd
Published
2025-02-18 00:00
Modified
2025-11-03 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-25472",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T20:59:55.001616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T21:01:51.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:45:05.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T22:19:02.665Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=410ffe2019b9db6a8f4036daac742a6f5e4d36c2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-25472",
"datePublished": "2025-02-18T00:00:00.000Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-03T19:45:05.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-52333 (GCVE-0-2024-52333)
Vulnerability from nvd
Published
2025-01-13 14:10
Modified
2025-11-03 20:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52333",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T14:40:23.630843Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T14:41:19.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:45:33.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2121"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCMTK",
"vendor": "OFFIS",
"versions": [
{
"status": "affected",
"version": "3.6.8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Emmanuel Tacheau of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T14:10:57.919Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2121",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2121"
},
{
"name": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=03e851b0586d05057c3268988e180ffb426b2e03",
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=03e851b0586d05057c3268988e180ffb426b2e03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-52333",
"datePublished": "2025-01-13T14:10:57.919Z",
"dateReserved": "2024-12-02T09:49:12.218Z",
"dateUpdated": "2025-11-03T20:45:33.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-47796 (GCVE-0-2024-47796)
Vulnerability from nvd
Published
2025-01-13 14:10
Modified
2025-11-03 20:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T14:43:15.436565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T14:43:48.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:40:52.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2122"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCMTK",
"vendor": "OFFIS",
"versions": [
{
"status": "affected",
"version": "3.6.8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Emmanuel Tacheau of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T14:10:57.213Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2122",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2122"
},
{
"name": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=89a6e399f1e17d08a8bc8cdaa05b2ac9a50cd4f6",
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=89a6e399f1e17d08a8bc8cdaa05b2ac9a50cd4f6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-47796",
"datePublished": "2025-01-13T14:10:57.213Z",
"dateReserved": "2024-12-03T15:01:04.097Z",
"dateUpdated": "2025-11-03T20:40:52.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-34509 (GCVE-0-2024-34509)
Vulnerability from nvd
Published
2024-05-05 00:00
Modified
2025-11-03 20:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-34509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:40:37.299123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T19:28:01.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:37:31.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.dcmtk.org/redmine/issues/1114"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:10.329Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.dcmtk.org/redmine/issues/1114"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-34509",
"datePublished": "2024-05-05T00:00:00.000Z",
"dateReserved": "2024-05-05T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:37:31.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-34508 (GCVE-0-2024-34508)
Vulnerability from nvd
Published
2024-05-05 00:00
Modified
2025-11-03 20:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-34508",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:05:58.171925Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T20:09:10.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:37:30.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.dcmtk.org/redmine/issues/1114"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:15.077Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.dcmtk.org/redmine/issues/1114"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-34508",
"datePublished": "2024-05-05T00:00:00.000Z",
"dateReserved": "2024-05-05T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:37:30.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28130 (GCVE-0-2024-28130)
Vulnerability from nvd
Published
2024-04-23 14:46
Modified
2025-11-04 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-704 - Incorrect Type Conversion or Cast
Summary
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:offis:dcmtk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dcmtk",
"vendor": "offis",
"versions": [
{
"lessThanOrEqual": "3.6.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T16:15:20.981646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:03:51.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:19:39.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1957"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCMTK",
"vendor": "OFFIS",
"versions": [
{
"status": "affected",
"version": "3.6.8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Emmanuel Tacheau of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-704",
"description": "CWE-704: Incorrect Type Conversion or Cast",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:04.364Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-28130",
"datePublished": "2024-04-23T14:46:43.296Z",
"dateReserved": "2024-03-07T10:05:15.275Z",
"dateUpdated": "2025-11-04T17:19:39.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-43272 (GCVE-0-2022-43272)
Vulnerability from nvd
Published
2022-12-02 00:00
Modified
2025-11-03 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:offis:dcmtk:3.6.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dcmtk",
"vendor": "offis",
"versions": [
{
"status": "affected",
"version": "3.6.7"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-43272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T16:53:28.265409Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T16:58:53.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:35:09.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7"
},
{
"name": "FEDORA-2023-fe6fa5696e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3QG7MSHORLYAHDXMYG6FQKU4GOCRBCR/"
},
{
"name": "FEDORA-2023-83b529bd34",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMQ2USESKF6OAZAH64OFHNK2HJIJVGPP/"
},
{
"name": "FEDORA-2023-eda976b192",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HROBSUUV2LZCYUNODI2YM7G7AYYO75B/"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:13.523Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw"
},
{
"url": "https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7"
},
{
"name": "FEDORA-2023-fe6fa5696e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3QG7MSHORLYAHDXMYG6FQKU4GOCRBCR/"
},
{
"name": "FEDORA-2023-83b529bd34",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMQ2USESKF6OAZAH64OFHNK2HJIJVGPP/"
},
{
"name": "FEDORA-2023-eda976b192",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HROBSUUV2LZCYUNODI2YM7G7AYYO75B/"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-43272",
"datePublished": "2022-12-02T00:00:00.000Z",
"dateReserved": "2022-10-17T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:35:09.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-41690 (GCVE-0-2021-41690)
Vulnerability from nvd
Published
2022-06-28 09:41
Modified
2025-11-03 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41690",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T18:13:18.028574Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T18:13:26.233Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:33:59.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:08.740Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/DCMTK/dcmtk"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41690",
"datePublished": "2022-06-28T09:41:00.000Z",
"dateReserved": "2021-09-27T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:33:59.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-41689 (GCVE-0-2021-41689)
Vulnerability from nvd
Published
2022-06-28 09:38
Modified
2025-11-03 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dcmtk:dcmtk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dcmtk",
"vendor": "dcmtk",
"versions": [
{
"lessThanOrEqual": "3.6.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-41689",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T19:48:58.769156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T19:55:05.017Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:33:58.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/5c14bf53fb42ceca12bbcc0016e8704b1580920d"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:03.859Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/DCMTK/dcmtk"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/5c14bf53fb42ceca12bbcc0016e8704b1580920d"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41689",
"datePublished": "2022-06-28T09:38:17.000Z",
"dateReserved": "2021-09-27T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:33:58.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-41688 (GCVE-0-2021-41688)
Vulnerability from nvd
Published
2022-06-28 09:44
Modified
2025-11-03 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41688",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T13:47:23.398263Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T13:47:32.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:33:56.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:11.849Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/DCMTK/dcmtk"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41688",
"datePublished": "2022-06-28T09:44:06.000Z",
"dateReserved": "2021-09-27T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:33:56.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-41687 (GCVE-0-2021-41687)
Vulnerability from nvd
Published
2022-06-28 09:46
Modified
2025-11-03 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:33:55.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:07.170Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/DCMTK/dcmtk"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41687",
"datePublished": "2022-06-28T09:46:23.000Z",
"dateReserved": "2021-09-27T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:33:55.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-4981 (GCVE-0-2022-4981)
Vulnerability from cvelistv5
Published
2025-10-21 15:02
Modified
2025-10-21 15:22
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. Upgrading to version 3.6.8 is sufficient to resolve this issue. The patch is identified as 957fb31e5. Upgrading the affected component is advised.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4981",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T15:22:37.057203Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:22:40.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://shimo.im/docs/e1Azd4dDQXUgOGqW/read"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"dcmqrscp"
],
"product": "DCMTK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.6.4"
},
{
"status": "affected",
"version": "3.6.5"
},
{
"status": "affected",
"version": "3.6.6"
},
{
"status": "affected",
"version": "3.6.7"
},
{
"status": "unaffected",
"version": "3.6.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zh_vul (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. Upgrading to version 3.6.8 is sufficient to resolve this issue. The patch is identified as 957fb31e5. Upgrading the affected component is advised."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in DCMTK up to 3.6.7 entdeckt. Betroffen ist die Funktion DcmQueryRetrieveConfig::readPeerList der Datei /dcmqrcnf.cc der Komponente dcmqrscp. Dank Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden. Das Aktualisieren auf Version 3.6.8 kann dieses Problem l\u00f6sen. Die Bezeichnung des Patches lautet 957fb31e5. Die Aktualisierung der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:02:13.727Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-329029 | DCMTK dcmqrscp dcmqrcnf.cc readPeerList null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.329029"
},
{
"name": "VDB-329029 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.329029"
},
{
"name": "Submit #673134 | DCMTK GitHub Repository DCMTK 3.6.5 NULL Pointer Dereference",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.673134"
},
{
"tags": [
"issue-tracking"
],
"url": "https://support.dcmtk.org/redmine/issues/1026"
},
{
"tags": [
"exploit"
],
"url": "https://shimo.im/docs/e1Azd4dDQXUgOGqW/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-10-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-19T12:32:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "DCMTK dcmqrscp dcmqrcnf.cc readPeerList null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2022-4981",
"datePublished": "2025-10-21T15:02:13.727Z",
"dateReserved": "2025-10-19T10:26:26.206Z",
"dateUpdated": "2025-10-21T15:22:40.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36855 (GCVE-0-2020-36855)
Vulnerability from cvelistv5
Published
2025-10-21 15:02
Modified
2025-10-21 15:23
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. Upgrading to version 3.6.6 is sufficient to fix this issue. The identifier of the patch is 0fef9f02e. It is recommended to upgrade the affected component.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36855",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T15:23:22.095138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:23:26.003Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://shimo.im/docs/rp3OMVMDPKtjn0km/read"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"dcmqrscp"
],
"product": "DCMTK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.6.3"
},
{
"status": "affected",
"version": "3.6.4"
},
{
"status": "affected",
"version": "3.6.5"
},
{
"status": "unaffected",
"version": "3.6.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zh_vul (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. Upgrading to version 3.6.6 is sufficient to fix this issue. The identifier of the patch is 0fef9f02e. It is recommended to upgrade the affected component."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in DCMTK up to 3.6.5 gefunden. Hiervon betroffen ist die Funktion parseQuota der Komponente dcmqrscp. Dank der Manipulation des Arguments StorageQuota mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden. Ein Aktualisieren auf die Version 3.6.6 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 0fef9f02e bezeichnet. Ein Upgrade der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:02:09.082Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-329028 | DCMTK dcmqrscp parseQuota stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.329028"
},
{
"name": "VDB-329028 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.329028"
},
{
"name": "Submit #673137 | DCMTK GitHub Repository DCMTK 3.6.5 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.673137"
},
{
"tags": [
"exploit"
],
"url": "https://shimo.im/docs/rp3OMVMDPKtjn0km/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-10-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-19T12:32:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "DCMTK dcmqrscp parseQuota stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2020-36855",
"datePublished": "2025-10-21T15:02:09.082Z",
"dateReserved": "2025-10-19T10:27:07.409Z",
"dateUpdated": "2025-10-21T15:23:26.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2357 (GCVE-0-2025-2357)
Vulnerability from cvelistv5
Published
2025-03-17 01:31
Modified
2025-11-03 19:43
Severity ?
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption
Summary
A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-17T13:24:12.471452Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T13:28:21.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:43:06.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"dcmjpls JPEG-LS Decoder"
],
"product": "DCMTK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.6.9"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "0x20z (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue."
},
{
"lang": "de",
"value": "In DCMTK 3.6.9 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Komponente dcmjpls JPEG-LS Decoder. Durch Manipulieren mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Der Patch wird als 3239a7915 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T01:31:04.874Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-299824 | DCMTK dcmjpls JPEG-LS Decoder memory corruption",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.299824"
},
{
"name": "VDB-299824 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.299824"
},
{
"name": "Submit #513692 | DCMTK v3.6.9+DEV segmentation fault",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.513692"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://support.dcmtk.org/redmine/issues/1155"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://support.dcmtk.org/redmine/issues/1155?tab=history#note-1"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-15T23:13:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "DCMTK dcmjpls JPEG-LS Decoder memory corruption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2357",
"datePublished": "2025-03-17T01:31:04.874Z",
"dateReserved": "2025-03-15T22:06:35.006Z",
"dateUpdated": "2025-11-03T19:43:06.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25474 (GCVE-0-2025-25474)
Vulnerability from cvelistv5
Published
2025-02-18 00:00
Modified
2025-11-03 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-25474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T21:11:50.295883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T21:12:30.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:45:06.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T22:17:30.058Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d205bcd307164c99e0d4bbf412110372658d847"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-25474",
"datePublished": "2025-02-18T00:00:00.000Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-03T19:45:06.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25475 (GCVE-0-2025-25475)
Vulnerability from cvelistv5
Published
2025-02-18 00:00
Modified
2025-11-03 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-25475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T21:07:26.514264Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T21:33:14.488Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:45:08.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T22:14:54.056Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=bffa3e9116abb7038b432443f16b1bd390e80245"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/bffa3e9116abb7038b432443f16b1bd390e80245"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-25475",
"datePublished": "2025-02-18T00:00:00.000Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-03T19:45:08.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25472 (GCVE-0-2025-25472)
Vulnerability from cvelistv5
Published
2025-02-18 00:00
Modified
2025-11-03 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-25472",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T20:59:55.001616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T21:01:51.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:45:05.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T22:19:02.665Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=410ffe2019b9db6a8f4036daac742a6f5e4d36c2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-25472",
"datePublished": "2025-02-18T00:00:00.000Z",
"dateReserved": "2025-02-07T00:00:00.000Z",
"dateUpdated": "2025-11-03T19:45:05.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-52333 (GCVE-0-2024-52333)
Vulnerability from cvelistv5
Published
2025-01-13 14:10
Modified
2025-11-03 20:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52333",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T14:40:23.630843Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T14:41:19.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:45:33.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2121"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCMTK",
"vendor": "OFFIS",
"versions": [
{
"status": "affected",
"version": "3.6.8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Emmanuel Tacheau of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T14:10:57.919Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2121",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2121"
},
{
"name": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=03e851b0586d05057c3268988e180ffb426b2e03",
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=03e851b0586d05057c3268988e180ffb426b2e03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-52333",
"datePublished": "2025-01-13T14:10:57.919Z",
"dateReserved": "2024-12-02T09:49:12.218Z",
"dateUpdated": "2025-11-03T20:45:33.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-47796 (GCVE-0-2024-47796)
Vulnerability from cvelistv5
Published
2025-01-13 14:10
Modified
2025-11-03 20:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T14:43:15.436565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T14:43:48.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:40:52.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2122"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCMTK",
"vendor": "OFFIS",
"versions": [
{
"status": "affected",
"version": "3.6.8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Emmanuel Tacheau of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T14:10:57.213Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2122",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2122"
},
{
"name": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=89a6e399f1e17d08a8bc8cdaa05b2ac9a50cd4f6",
"url": "https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=89a6e399f1e17d08a8bc8cdaa05b2ac9a50cd4f6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-47796",
"datePublished": "2025-01-13T14:10:57.213Z",
"dateReserved": "2024-12-03T15:01:04.097Z",
"dateUpdated": "2025-11-03T20:40:52.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-34508 (GCVE-0-2024-34508)
Vulnerability from cvelistv5
Published
2024-05-05 00:00
Modified
2025-11-03 20:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-34508",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:05:58.171925Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T20:09:10.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:37:30.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.dcmtk.org/redmine/issues/1114"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:15.077Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.dcmtk.org/redmine/issues/1114"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-34508",
"datePublished": "2024-05-05T00:00:00.000Z",
"dateReserved": "2024-05-05T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:37:30.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-34509 (GCVE-0-2024-34509)
Vulnerability from cvelistv5
Published
2024-05-05 00:00
Modified
2025-11-03 20:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-34509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:40:37.299123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T19:28:01.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:37:31.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.dcmtk.org/redmine/issues/1114"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:10.329Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.dcmtk.org/redmine/issues/1114"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-34509",
"datePublished": "2024-05-05T00:00:00.000Z",
"dateReserved": "2024-05-05T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:37:31.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-28130 (GCVE-0-2024-28130)
Vulnerability from cvelistv5
Published
2024-04-23 14:46
Modified
2025-11-04 17:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-704 - Incorrect Type Conversion or Cast
Summary
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:offis:dcmtk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dcmtk",
"vendor": "offis",
"versions": [
{
"lessThanOrEqual": "3.6.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T16:15:20.981646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:03:51.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:19:39.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1957"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DCMTK",
"vendor": "OFFIS",
"versions": [
{
"status": "affected",
"version": "3.6.8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by Emmanuel Tacheau of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-704",
"description": "CWE-704: Incorrect Type Conversion or Cast",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:04.364Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1957"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-28130",
"datePublished": "2024-04-23T14:46:43.296Z",
"dateReserved": "2024-03-07T10:05:15.275Z",
"dateUpdated": "2025-11-04T17:19:39.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-43272 (GCVE-0-2022-43272)
Vulnerability from cvelistv5
Published
2022-12-02 00:00
Modified
2025-11-03 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:offis:dcmtk:3.6.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dcmtk",
"vendor": "offis",
"versions": [
{
"status": "affected",
"version": "3.6.7"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-43272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T16:53:28.265409Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T16:58:53.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:35:09.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7"
},
{
"name": "FEDORA-2023-fe6fa5696e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3QG7MSHORLYAHDXMYG6FQKU4GOCRBCR/"
},
{
"name": "FEDORA-2023-83b529bd34",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMQ2USESKF6OAZAH64OFHNK2HJIJVGPP/"
},
{
"name": "FEDORA-2023-eda976b192",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HROBSUUV2LZCYUNODI2YM7G7AYYO75B/"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:13.523Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw"
},
{
"url": "https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7"
},
{
"name": "FEDORA-2023-fe6fa5696e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3QG7MSHORLYAHDXMYG6FQKU4GOCRBCR/"
},
{
"name": "FEDORA-2023-83b529bd34",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMQ2USESKF6OAZAH64OFHNK2HJIJVGPP/"
},
{
"name": "FEDORA-2023-eda976b192",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HROBSUUV2LZCYUNODI2YM7G7AYYO75B/"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-43272",
"datePublished": "2022-12-02T00:00:00.000Z",
"dateReserved": "2022-10-17T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:35:09.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-41687 (GCVE-0-2021-41687)
Vulnerability from cvelistv5
Published
2022-06-28 09:46
Modified
2025-11-03 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:33:55.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsing. Sending specific requests to the dcmqrdb program incur the memory leak. An attacker can use it to launch a DoS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:07.170Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/DCMTK/dcmtk"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41687",
"datePublished": "2022-06-28T09:46:23.000Z",
"dateReserved": "2021-09-27T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:33:55.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-41688 (GCVE-0-2021-41688)
Vulnerability from cvelistv5
Published
2022-06-28 09:44
Modified
2025-11-03 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41688",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T13:47:23.398263Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T13:47:32.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:33:56.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific requests to the dcmqrdb program will incur a double free. An attacker can use it to launch a DoS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T19:06:11.849Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/DCMTK/dcmtk"
},
{
"url": "https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb"
},
{
"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41688",
"datePublished": "2022-06-28T09:44:06.000Z",
"dateReserved": "2021-09-27T00:00:00.000Z",
"dateUpdated": "2025-11-03T20:33:56.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}