Unrated severityNVD Advisory· Published Apr 23, 2024· Updated Nov 4, 2025
CVE-2024-28130
CVE-2024-28130
Description
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/dcmtk&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/dcmtk&distro=SUSE%20Package%20Hub%2015%20SP5
< 3.6.8-bp155.3.3.1+ 1 more
- (no CPE)range: < 3.6.8-bp155.3.3.1
- (no CPE)range: < 3.6.8-bp155.3.3.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.