Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-2357

Опубликовано: 17 мар. 2025
Источник: redhat
CVSS3: 6.3

Описание

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.

A flaw was found in the DCMTK package. Insufficient input data validation can lead to a segmentation fault in the JPEG-LS decoder if invalid input data is processed. This vulnerability affects the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption and can be initiated remotely.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux AI (RHEL AI)dcmtkFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=2352832DCMTK: DCMTK dcmjpls JPEG-LS Decoder memory corruption

6.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-2357

CVSS3: 6.3
ubuntu
6 месяцев назад

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.

nvd логотип

CVE-2025-2357

CVSS3: 6.3
nvd
6 месяцев назад

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.

debian логотип

CVE-2025-2357

CVSS3: 6.3
debian
6 месяцев назад

A vulnerability was found in DCMTK 3.6.9. It has been declared as crit ...

github логотип

GHSA-vwr6-5rc9-p4cw

CVSS3: 6.3
github
6 месяцев назад

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.

6.3 Medium

CVSS3