VYPR

rpm package

opensuse/dcmtk&distro=openSUSE Leap 15.4

pkg:rpm/opensuse/dcmtk&distro=openSUSE%20Leap%2015.4

Vulnerabilities (4)

  • CVE-2022-43272Dec 2, 2022
    affected < 3.6.7-bp154.2.3.1fixed 3.6.7-bp154.2.3.1

    DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.

  • CVE-2022-2119Jun 24, 2022
    affected < 3.6.7-bp154.2.3.1fixed 3.6.7-bp154.2.3.1

    OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.

  • CVE-2022-2121Jun 24, 2022
    affected < 3.6.7-bp154.2.3.1fixed 3.6.7-bp154.2.3.1

    OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition.

  • CVE-2022-2120Jun 24, 2022
    affected < 3.6.7-bp154.2.3.1fixed 3.6.7-bp154.2.3.1

    OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.