VYPR

DCMTK

by OFFIS.de

CVEs (4)

  • CVE-2019-1010228CriJul 22, 2019
    risk 0.64cvss 9.8epss 0.08

    OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. The impact is: Possible code execution and confirmed Denial of Service. The component is: DcmRLEDecoder::decompress() (file dcrledec.h, line 122). The attack vector is: Many scenarios of DICOM file processing (e.g.…

  • CVE-2024-52333HigJan 13, 2025
    risk 0.55cvss 8.4epss 0.01

    An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2024-47796HigJan 13, 2025
    risk 0.55cvss 8.4epss 0.01

    An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2024-28130HigApr 23, 2024
    risk 0.49cvss 7.5epss 0.02

    An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.