Filtered by vendor Offis
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2120 | 1 Offis | 1 Dcmtk | 2022-07-05 | 7.5 HIGH | 9.8 CRITICAL |
| OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution. | |||||
| CVE-2022-2119 | 1 Offis | 1 Dcmtk | 2022-07-05 | 7.5 HIGH | 9.8 CRITICAL |
| OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution. | |||||
| CVE-2019-1010228 | 1 Offis | 1 Dcmtk | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. The impact is: Possible code execution and confirmed Denial of Service. The component is: DcmRLEDecoder::decompress() (file dcrledec.h, line 122). The attack vector is: Many scenarios of DICOM file processing (e.g. DICOM to image conversion). The fixed version is: 3.6.4, after commit 40917614e. | |||||