96 matches found
CVE-2024-25569
An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability...
Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-1944 Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability April 25, 2024 CVE Number CVE-2024-25569 SUMMARY An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A...
Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-1924 Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability April 25, 2024 CVE Number CVE-2024-22391 SUMMARY A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23....
Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-1935 Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability April 25, 2024 CVE Number CVE-2024-22373 SUMMARY An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu...
Grassroot DICOM 缓冲区错误漏洞
Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A buffer error vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of an out-of-bounds read vulnerability, which can be caused by specially crafted DICOM files...
Grassroot DICOM 缓冲区错误漏洞
Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A security vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of an out-of-bounds write vulnerability, where a specially crafted DICOM file may cause a heap buffer overflow...
PT-2024-21011 · Mathieu Malaterre +1 · Grassroot Dicom +1
Name of the Vulnerable Software and Affected Versions: Mathieu Malaterre Grassroot DICOM version 3.0.23 Description: An out-of-bounds read issue exists in the RAWCodec::DecodeBytes functionality. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious...
Grassroot DICOM 缓冲区错误漏洞
Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A buffer error vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of a heap-based buffer overflow vulnerability, where a specially crafted, incorrectly-formatted file could result ...
PT-2024-19372
Name of the Vulnerable Software and Affected Versions Mathieu Malaterre Grassroot DICOM version 3.0.23 Description An out-of-bounds write issue exists in the JPEG2000Codec::DecodeByStreamsCommon functionality. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can...
PT-2024-19385
Name of the Vulnerable Software and Affected Versions Mathieu Malaterre Grassroot DICOM version 3.0.23 Description A heap-based buffer overflow issue exists in the LookupTable::SetLUT functionality. This can be triggered by a specially crafted malformed file, leading to memory corruption. An...
CVE-2021-29455
Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...
CVE-2021-29455
Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...
Design/Logic Flaw
Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...
CVE-2021-29455 Missing validation of JWT signature in `grassrootza/grassroot-platform`
Grassroot Platform is an application to make it faster, cheaper and easier to persistently organize and mobilize people in low-income communities. Grassroot Platform before master deployment as of 2021-04-16 did not properly verify the signature of JSON Web Tokens when refreshing an existing JWT...
CVE-2021-29455
Grassroot Platform (Grassroot Platform) has a JWT signature verification flaw during refresh, allowing forging a valid JWT. Root cause: JWTs are not properly verified when refreshing an existing token. Impact stated as enabling partial integrity compromise, with no confidentiality breach noted in...
Luke Jordan Grassroot Platform 数据伪造问题漏洞
Luke Jordan grassroot-platform is an open source application by Luke Jordan. An application that makes it faster, cheaper and easier to sustainably organize and mobilize people in low-income communities. A security vulnerability exists in Luke Jordan Grassroot Platform that allows for the forgery...