CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-41689

DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2021-41689

Offis » Dcmtk » Version: N/A

cpe:2.3:a:offis:dcmtk:-
Offis » Dcmtk » Version: 3.1.0

cpe:2.3:a:offis:dcmtk:3.1.0
Offis » Dcmtk » Version: 3.1.1

cpe:2.3:a:offis:dcmtk:3.1.1
Offis » Dcmtk » Version: 3.1.2

cpe:2.3:a:offis:dcmtk:3.1.2
Offis » Dcmtk » Version: 3.2.0

cpe:2.3:a:offis:dcmtk:3.2.0
Offis » Dcmtk » Version: 3.2.1

cpe:2.3:a:offis:dcmtk:3.2.1
Offis » Dcmtk » Version: 3.3.0

cpe:2.3:a:offis:dcmtk:3.3.0
Offis » Dcmtk » Version: 3.3.1

cpe:2.3:a:offis:dcmtk:3.3.1
Offis » Dcmtk » Version: 3.4.0

cpe:2.3:a:offis:dcmtk:3.4.0
Offis » Dcmtk » Version: 3.4.1

cpe:2.3:a:offis:dcmtk:3.4.1
Offis » Dcmtk » Version: 3.4.2

cpe:2.3:a:offis:dcmtk:3.4.2
Offis » Dcmtk » Version: 3.5.0

cpe:2.3:a:offis:dcmtk:3.5.0
Offis » Dcmtk » Version: 3.5.1

cpe:2.3:a:offis:dcmtk:3.5.1
Offis » Dcmtk » Version: 3.5.2

cpe:2.3:a:offis:dcmtk:3.5.2
Offis » Dcmtk » Version: 3.5.3

cpe:2.3:a:offis:dcmtk:3.5.3
Offis » Dcmtk » Version: 3.5.4

cpe:2.3:a:offis:dcmtk:3.5.4
Offis » Dcmtk » Version: 3.6.0

cpe:2.3:a:offis:dcmtk:3.6.0
Offis » Dcmtk » Version: 3.6.2

cpe:2.3:a:offis:dcmtk:3.6.2
Offis » Dcmtk » Version: 3.6.3

cpe:2.3:a:offis:dcmtk:3.6.3
Offis » Dcmtk » Version: 3.6.4

cpe:2.3:a:offis:dcmtk:3.6.4
Offis » Dcmtk » Version: 3.6.5

cpe:2.3:a:offis:dcmtk:3.6.5
Offis » Dcmtk » Version: 3.6.6

cpe:2.3:a:offis:dcmtk:3.6.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-41689

Products

Pricing

Contact Us