7 matches found
Fedora 44 : python-pydicom (2026-9eecdef4e0)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9eecdef4e0 advisory. Patch release for security advisory CVE-2026-32711. A crafted DICOMDIR could create a path traversal by setting ReferencedFileID to a path outside the File-s...
EUVD-2026-13433
pydicom has a path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root...
GHSA-V856-2RF8-9F28 pydicom has a path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root
Summary A crafted DICOMDIR can set ReferencedFileID to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy, write, and...
pydicom has a path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root
Summary A crafted DICOMDIR can set ReferencedFileID to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy, write, and...
CVE-2026-32711
pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, b...
CVE-2026-32711 pydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root
pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, b...
CVE-2026-32711
pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, b...