VYPR

PyPI package

pydicom

pkg:pypi/pydicom

Vulnerabilities (1)

  • CVE-2026-32711Mar 20, 2026
    affected >= 3.0.0, < 3.0.2fixed 3.0.2

    pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm