EUVD-2023-44520

Malicious code in bioql PyPI...

Xxe

Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this docume...

CVE-2023-3892 Unsafe XML parsing of 3rd party DICOM private tags may lead to XXE

Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this docume...

CVE-2023-3892 Unsafe XML parsing of 3rd party DICOM private tags may lead to XXE

Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this docume...

CVE-2023-3892

CVE-2023-3892 affects MIM Assistant and MIM Client’s DICOM RTst Loading modules, via an improper restriction of XML External Entity (XXE) references. The root cause is handling of XML that can enable entity expansion when processing 3rd‑party private RTst metadata tags, potentially allowing an at...

PT-2023-26687 · Unknown · Client Dicom Rtst Loading Modules +1

Name of the Vulnerable Software and Affected Versions: MIM Assistant and Client DICOM RTst Loading modules affected versions not specified Description: The issue concerns an Improper Restriction of XML External Entity Reference, which allows XML Entity Linking or XML External Entity attacks...