Dcmtk Security Vulnerabilities and Issues — Dcmtk CVE List

Lucene search

OffisDcmtk

3 matches found

CVE•added 2019/07/22 5:15 p.m.•145 views

CVE-2019-1010228

OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. The impact is: Possible code execution and confirmed Denial of Service. The component is: DcmRLEDecoder::decompress() (file dcrledec.h, line 122). The attack vector is: Many scenarios of DICOM file processing (e.g. DICOM to image conve...

9.8CVSS9.5AI score0.00283EPSS

CVE•added 2022/06/24 3:15 p.m.•77 views

CVE-2022-2120

OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.

9.8CVSS8.8AI score0.0294EPSS

CVE•added 2022/06/24 3:15 p.m.•76 views

CVE-2022-2119

OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.

9.8CVSS8.8AI score0.0294EPSS