Vulnerability Details CVE-2024-24793
A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature freeing of memory that is used later. To trigger this vulnerability, an attacker would need to induce the vulnerable application to process a malicious DICOM image.The Use-After-Free happens in the `parse_meta_element_create()` parsing the elements in the File Meta Information header.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.1%
CVSS Severity
CVSS v3 Score 8.1
References