A vulnerability was identified in DCMTK up to 3.6.9. This affects an unknown function in the library dcmimage/include/dcmtk/dcmimage/diybrpxt.h of the component dcm2img. Such manipulation leads to memory corruption. Local access is required to approach this attack. The name of the patch is 7ad81d69b. It is best practice to apply a patch to resolve this issue.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-08-31
dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-05-05
dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-05-05
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-02