24 matches found
CVE-2019-1010228
DCMTK
CVE-2025-25474
DCMTK v3.6.9+ DEV contains a buffer overflow in the dcmimgle/diinpxt.h component (CVE-2025-25474). Multiple connected advisories confirm the issue and note fixes/updates exist (e.g., Debian, openSUSE, Mageia, TencentOS/SUSE advisories). Remediation is to upgrade to patched DCMTK versions as provi...
CVE-2024-28130
CVE-2024-28130 affects OFFIS DCMTK 3.6.8 (DVPSSoftcopyVOI_PList::createFromImage) with a malformed file enabling arbitrary code execution. Public references in Debian (DCMTK 3.6.5-1+deb11u1 fix), Ubuntu security advisory USN-7010-1, and Fedora dcmtk 3.6.9-2.fc42 indicate multiple distributions ha...
CVE-2025-25472
CVE-2025-25472 concerns DCMTK. Connected sources confirm a buffer overflow in DCMTK git master v3.6.9+ DEV that allows an attacker to cause a Denial of Service via a crafted DCM file. The vulnerability is described across multiple advisories as affecting DCMTK and is referenced in Debian LTS/DLA-...
CVE-2021-41687
DCMTK has a memory free issue in versions up to 3.6.6 (CVE-2021-41687) where allocated heap memory during parsing may not be freed on parsing errors, enabling a DoS via crafted requests to dcmqrdb. Public advisories (Ubuntu USN-7010-1, Debian DLA-4038-1, Debian 10/DLA-3847, Mageia MGASA-2024-0251...
CVE-2022-2120
Offis DCMTK vulnerable: all versions prior to 3.6.7 of the service class user (SCU) in DCMTK allow relative path traversal, enabling writing DICOM files to arbitrary directories and potentially remote code execution. Multiple advisories (Debian DLA-4227, openSUSE/SUSE advisories, Ubuntu USN-5882-...
CVE-2025-25475
CVE-2025-25475 affects DCMTK v3.6.9+ DEV and is caused by a NULL pointer dereference in /libsrc/dcrleccd.cc, enabling a crafted DICOM file to trigger a Denial of Service. Connected advisories confirm this issue and note fixes in various Linux distros (e.g., Debian DLA-4227, openSUSE SUSE advisory...
CVE-2022-2119
CVE-2022-2119 affects OFFIS DCMTK prior to 3.6.7, specifically the SCP service class. The vulnerability is a path traversal flaw that lets an attacker write DICOM files to arbitrary directories with controlled names, potentially enabling remote code execution. Public notices from Debian and openS...
CVE-2025-2357
DCMTK 3.6.9 contains a memory-corruption vulnerability in the dcmjpls JPEG-LS Decoder. The issue can be exploited remotely, with exploitation information reported publicly. A patch named 3239a7915 is referenced as fixes for this issue; applying the patch is the advised remediation. The CVE descri...
CVE-2021-41688
CVE-2021-41688 affects DCMTK up to version 3.6.6, where improper memory management in DCMTK’s dcmqrdb handling can lead to a double free and a resulting denial of service. The vulnerability is described as: an object is freed while its address remains in use, allowing specific requests to trigger...
CVE-2022-2121
CVE-2022-2121 affects OFFIS DCMTK: all versions before 3.6.7 are vulnerable to a NULL pointer dereference when processing DICOM files, which may lead to denial of service. Remediation is to upgrade to DCMTK 3.6.7 or newer; multiple advisories (Debian, Mageia, openSUSE, Astra Linux) note DCMTK upd...
CVE-2024-27628
DCMTK v3.6.8 has a buffer overflow vulnerability in the EctEnhancedCT method that could allow arbitrary code execution. Connected advisories indicate this is fixed by updating to DCMTK 3.6.9 (e.g., openSUSE openSUSE-SU-2025:0053-1 and Fedora 6043620E036C) across affected distributions.
CVE-2021-41689
DCMTK 3.6.6 and earlier contains a NULL pointer dereference and potential head-based overflow in dcmqrdb due to improper handling of string copy, allowing remote DoS via crafted requests. Public advisories confirm this vulnerability (CVE-2021-41689) and reference multiple vendor patches: Debian f...
CVE-2024-34509
DCMTK component dcmdata in DCMTK before 3.6.9 is affected by a segmentation fault triggered by an invalid DIMSE message (CVE-2024-34509). Public advisories confirm the issue and group it with related DCMTK DIMSE fault CVEs. The fixed version is DCMTK 3.6.9; remediation is to upgrade to or apply p...
CVE-2021-41690
DCMTK (up to 3.6.6) is affected by CVE-2021-41690, which describes improper freeing of memory where malloced file-info structures stored in a global LST are not freed, enabling a potential DoS via memory leak in dcmqrdb. Connected advisories (Debian, Debian LTS, Mageia, Ubuntu USN, Fedora Nessus,...
CVE-2022-43272
CVE-2022-43272 affects DCMTK v3.6.7, with a memory leak in the single-process path related to T_ASC_Association (notably in ASC_receiveAssociation and parseUserInfo flows). The issue is a memory leak rather than an explicit remote code execution or crash in the presented docs, and exploitation de...
CVE-2024-34508
DCMTK component dcmnet is affected by a segmentation fault caused by an invalid DIMSE message in versions before 3.6.9. The CVE-2024-34508 entry documents this issue with a network-facing DIMSE processing fault that can lead to a crash. The connected advisories consistently indicate remediation b...
CVE-2024-52333
CVE-2024-52333 affects OFFIS DCMTK 3.6.8, with an out-of-bounds write caused by improper array index validation in the determineMinMax functionality. A specially crafted DICOM file can trigger this vulnerability. The issue is documented across multiple advisories (notably openSUSE/SUSE patching t...
CVE-2013-6825
CVE-2013-6825 affects DCMTK 3.6.1 and earlier, with multiple components (movescu, storescp, scp, wlmactmg, dcmprscp, dcmpsrcv, dcmpstat tests, and dcmqrscp) failing to check the return value of the setuid call. This permits local privilege escalation by spawning a large number of processes. Conne...
CVE-2024-47796
CVE-2024-47796 is an out-of-bounds write in OFFIS DCMTK 3.6.8’s nowindow functionality caused by improper array index validation when parsing a crafted DICOM file. A malicious file can trigger this vulnerability, with local attack vector and high impact on confidentiality, integrity, and availabi...
CVE-2025-9732
Summary of CVE-2025-9732 (DCMTK) : A memory corruption vulnerability exists in DCMTK up to version 3.6.9, triggered by manipulating an unknown function in dcmimage/include/dcmtk/dcmimage/diybrpxt.h within the dcm2img component. The issue requires local access to exploit and is attributed to impro...
CVE-2020-36855
CVE-2020-36855 affects DCMTK up to 3.6.5, specifically the dcmqrscp component and its parseQuota function. The issue is a stack-based buffer overflow caused by manipulated StorageQuota, requiring local access. The vulnerability has public exploits and is fixed by upgrading to DCMTK 3.6.6 (patch i...
CVE-2022-4981
CVE-2022-4981 affects DCMTK up to 3.6.7, with the vulnerable element in the dcmqrscp component: DcmQueryRetrieveConfig::readPeerList (file /dcmqrcnf.cc). The issue causes a null pointer dereference and is exploitable via local access. Public exploit information exists. The recommended fix is upgr...
CVE-2026-5663
OFFIS DCMTK up to 3.7.0 contains a vulnerability in the storescp component (dcmnet/apps/storescp.cc: executeOnReception/executeOnEndOfStudy) that allows os command injection through manipulation. Remote exploitation is possible. A patch (edbb085e45788dccaf0e64d71534cfca925784b8) is available and ...