Описание
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| invesalius | unfixed | package | ||
| invesalius | no-dsa | trixie | package | |
| invesalius | no-dsa | bookworm | package | |
| invesalius | postponed | bullseye | package |
Примечания
https://github.com/partywavesec/invesalius3_vulnerabilities/tree/main/CVE-2024-42845
https://github.com/invesalius/invesalius3/commit/020cd6056c30105a870cfea99939282b6ec5640b
Связанные уязвимости
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
Уязвимость компонента invesalius/reader/dicom.py медицинского программного обеспечения создания виртуальных реконструкций структур человека InVesalius, позволяющая нарушителю выполнить произвольный код