OFFIS DCMTK 3.6.7

CPE Details

OFFIS DCMTK 3.6.7
offis
dcmtk
3.6.7
2022-07-05
12h23 +00:00
2022-09-19
16h40 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:offis:dcmtk:3.6.7:*:*:*:*:*:*:*

Informations

Vendor

offis

Product

dcmtk

Version

3.6.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-9732 2025-08-31 14h02 +00:00 A vulnerability was identified in DCMTK up to 3.6.9. This affects an unknown function in the library dcmimage/include/dcmtk/dcmimage/diybrpxt.h of the component dcm2img. Such manipulation leads to memory corruption. Local access is required to approach this attack. The name of the patch is 7ad81d69b. It is best practice to apply a patch to resolve this issue.
4.8
Medium
CVE-2024-34508 2024-05-05 00h00 +00:00 dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
4.3
Medium
CVE-2024-34509 2024-05-04 22h00 +00:00 dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
5.3
Medium
CVE-2022-43272 2022-12-01 23h00 +00:00 DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.