Vulnerability Details CVE-2025-25475
A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.3%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-25475
-
cpe:2.3:a:offis:dcmtk:3.6.9
-
cpe:2.3:o:debian:debian_linux:11.0