Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20210716-02
HistoryJul 16, 2021 - 12:00 a.m.

ROS-20210716-02

2021-07-1600:00:00
redos.red-soft.ru
5
dicom dcmtk
vulnerability
denial of service
memory release
remote attack
parsing errors

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

JSON

A vulnerability in the DICOM DCMTK library is related to pointer dereferencing errors.
Exploitation of the vulnerability allows an attacker to cause a denial of service

Vulnerability of the library for working with DICOM DCMTK format is related to allocation of heap memory for parsing the
data, but not releasing it when parsing errors occur. Exploitation of the vulnerability allows
An attacker acting remotely to cause a denial of service

A vulnerability in the DICOM DCMTK library is related to memory re-release,
to remotely cause a denial of service

Vulnerability of the library for working with DICOM DCMTK format is related to sending certain requests to the
dcmqrdb program, followed by querying its database and copying the result. Exploitation
vulnerability allows a remote attacker to cause a denial of service.

Vulnerability in the library for working with DICOM DCMTK format is related to writing all allocated memory to the global variable LST and not to the global variable LST.
global variable LST and not releasing it properly. Exploitation of the vulnerability allows
an attacker acting remotely to cause a denial of service

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64dcmtk< 3.6.8-1UNKNOWN

Related

nessus 5
openvas 6
mageia 2
osv 8
ubuntu 1
prion 5
cnvd 4
debiancve 5
cvelist 5
gitlab 5
veracode 5
cve 5
ubuntucve 5
vulnrichment 4
nvd 5
ics 1
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : DCMTK vulnerabilities (USN-7010-1)
2024-09-17 00:00:00
Debian dla-3847 : dcmtk - security update
2024-06-28 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : DCMTK vulnerabilities (USN-5882-1)
2023-02-22 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3847-1)
2024-07-01 00:00:00
Mageia: Security Advisory (MGASA-2024-0251)
2024-07-04 00:00:00
Ubuntu: Security Advisory (USN-7010-1)
2024-09-18 00:00:00
mageia
mageia
Updated dcmtk packages fix security vulnerabilities
2024-07-03 19:36:28
Updated dcmtk packages fix security vulnerability
2023-03-11 22:00:39
osv
osv
dcmtk - security update
2024-06-28 00:00:00
dcmtk vulnerabilities
2023-02-22 18:23:35
dcmtk vulnerabilities
2024-09-17 05:18:27
ubuntu
ubuntu
DCMTK vulnerabilities
2023-02-22 00:00:00
prion
prion
Double free
2022-06-28 13:15:00
Double free
2022-06-28 13:15:00
Double free
2022-06-28 13:15:00
cnvd
cnvd
DCMTK double release vulnerability
2022-06-30 00:00:00
DCMTK Heap Buffer Overflow Vulnerability (CNVD-2022-60669)
2022-06-30 00:00:00
DCMTK Denial of Service Vulnerability
2022-06-30 00:00:00
debiancve
debiancve
CVE-2021-41688
2022-06-28 13:15:10
CVE-2021-41689
2022-06-28 13:15:10
CVE-2021-41687
2022-06-28 13:15:10
cvelist
cvelist
CVE-2021-41690
2022-06-28 09:41:00
CVE-2021-41688
2022-06-28 09:44:06
CVE-2021-41687
2022-06-28 09:46:23
gitlab
gitlab
NULL Pointer Dereference
2022-06-28 00:00:00
Missing Release of Memory after Effective Lifetime
2022-06-28 00:00:00
Double Free
2022-06-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-06-29 06:50:32
Denial Of Service (DoS)
2022-06-29 06:51:05
Denial Of Service (DoS)
2022-06-29 14:31:51
cve
cve
CVE-2021-41689
2022-06-28 13:15:10
CVE-2021-41687
2022-06-28 13:15:10
CVE-2021-41688
2022-06-28 13:15:10
ubuntucve
ubuntucve
CVE-2021-41689
2022-06-28 00:00:00
CVE-2021-41690
2022-06-28 00:00:00
CVE-2021-41687
2022-06-28 00:00:00
vulnrichment
vulnrichment
CVE-2021-41690
2022-06-28 09:41:00
CVE-2021-41689
2022-06-28 09:38:17
CVE-2021-41688
2022-06-28 09:44:06
nvd
nvd
CVE-2021-41690
2022-06-28 13:15:10
CVE-2021-41688
2022-06-28 13:15:10
CVE-2021-41687
2022-06-28 13:15:10
ics
ics
OFFIS DCMTK
2022-06-23 12:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

JSON
Related for ROS-20210716-02
nessus5openvas6mageia2osv8ubuntu1prion5cnvd4debiancve5cvelist5gitlab5veracode5cve5ubuntucve5vulnrichment4nvd5ics1