Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2024-0251
HistoryJul 03, 2024 - 7:36 p.m.

Updated dcmtk packages fix security vulnerabilities

2024-07-0319:36:28
Gentoo Foundation
advisories.mageia.org
3
dcmtk
security vulnerabilities
dicom standard
memory
segmentation faults
unix

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

Low

JSON

Multiple vulnerabilities have benn fixed in DCMTK, a collection of libraries and applications implementing large parts the DICOM standard for medical images. CVE-2021-41687 Incorrect freeing of memory CVE-2021-41688 Incorrect freeing of memory CVE-2021-41689 NULL pointer dereference CVE-2021-41690 Incorrect freeing of memory CVE-2022-2121 NULL pointer dereference CVE-2022-43272 Memory leak in single process mode CVE-2024-28130 Segmentation faults due to incorrect typecast CVE-2024-34508 Segmentation fault via invalid DIMSE message CVE-2024-34509 Segmentation fault via invalid DIMSE message

OSVersionArchitecturePackageVersionFilename
Mageia9noarchdcmtk< 3.6.7-4.1dcmtk-3.6.7-4.1.mga9

Related

openvas 9
nessus 9
osv 10
ubuntu 1
mageia 1
cve 9
gitlab 6
cnvd 4
veracode 6
nvd 9
talos 1
cvelist 9
vulnrichment 5
debiancve 9
ubuntucve 8
prion 6
fedora 3
ics 1
talosblog 1
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0251)
2024-07-04 00:00:00
Debian: Security Advisory (DLA-3847-1)
2024-07-01 00:00:00
Ubuntu: Security Advisory (USN-5882-1)
2023-02-23 00:00:00
nessus
nessus
Debian dla-3847 : dcmtk - security update
2024-06-28 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : DCMTK vulnerabilities (USN-5882-1)
2023-02-22 00:00:00
openSUSE 15 Security Update : dcmtk (openSUSE-SU-2023:0108-1)
2023-05-16 00:00:00
osv
osv
dcmtk - security update
2024-06-28 00:00:00
dcmtk vulnerabilities
2023-02-22 18:23:35
CVE-2024-34509
2024-05-05 20:15:07
ubuntu
ubuntu
DCMTK vulnerabilities
2023-02-22 00:00:00
mageia
mageia
Updated dcmtk packages fix security vulnerability
2023-03-11 22:00:39
cve
cve
CVE-2021-41687
2022-06-28 13:15:10
CVE-2024-28130
2024-04-23 15:15:49
CVE-2024-34508
2024-05-05 20:15:07
gitlab
gitlab
NULL Pointer Dereference
2022-06-28 00:00:00
Missing Release of Memory after Effective Lifetime
2022-06-28 00:00:00
Double Free
2022-06-28 00:00:00
cnvd
cnvd
DCMTK Heap Buffer Overflow Vulnerability (CNVD-2022-60669)
2022-06-30 00:00:00
DCMTK Denial of Service Vulnerability
2022-06-30 00:00:00
DCMTK double release vulnerability
2022-06-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-06-29 06:50:32
Denial Of Service (DoS)
2022-06-29 06:51:05
Denial Of Service (DoS)
2022-06-29 14:31:51
nvd
nvd
CVE-2024-28130
2024-04-23 15:15:49
CVE-2024-34508
2024-05-05 20:15:07
CVE-2021-41689
2022-06-28 13:15:10
talos
talos
OFFIS DCMTK DVPSSoftcopyVOI_PList::createFromImage incorrect type conversion vulnerability
2024-04-23 00:00:00
cvelist
cvelist
CVE-2024-34508
2024-05-05 00:00:00
CVE-2024-34509
2024-05-05 00:00:00
CVE-2024-28130
2024-04-23 14:46:43
vulnrichment
vulnrichment
CVE-2024-34508
2024-05-05 00:00:00
CVE-2024-28130
2024-04-23 14:46:43
CVE-2024-34509
2024-05-05 00:00:00
debiancve
debiancve
CVE-2024-34508
2024-05-05 20:15:07
CVE-2024-28130
2024-04-23 15:15:49
CVE-2024-34509
2024-05-05 20:15:07
ubuntucve
ubuntucve
CVE-2024-34508
2024-05-05 00:00:00
CVE-2021-41687
2022-06-28 00:00:00
CVE-2021-41689
2022-06-28 00:00:00
prion
prion
Double free
2022-06-28 13:15:00
Design/Logic Flaw
2022-06-28 13:15:00
Double free
2022-06-28 13:15:00
fedora
fedora
[SECURITY] Fedora 37 Update: dcmtk-3.6.7-3.fc37
2023-03-11 04:28:19
[SECURITY] Fedora 38 Update: dcmtk-3.6.7-3.fc38
2023-03-11 03:55:09
[SECURITY] Fedora 36 Update: dcmtk-3.6.7-3.fc36
2023-03-11 04:03:25
ics
ics
OFFIS DCMTK
2022-06-23 12:00:00
talosblog
talosblog
Vulnerabilities in employee management system could lead to remote code execution, login credential theft
2024-05-01 16:00:12

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

Low

JSON
Related for MGASA-2024-0251
openvas9nessus9osv10ubuntu1mageia1cve9gitlab6cnvd4veracode6nvd9talos1cvelist9vulnrichment5debiancve9ubuntucve8prion6fedora3ics1talosblog1