Description
OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.
| Release | Status | Note |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | needs-triage | |
| esm-apps/bionic | released | 3.6.2-3ubuntu0.1~esm1 |
| esm-apps/focal | released | 3.6.4-2.1ubuntu0.1~esm1 |
| esm-apps/jammy | released | 3.6.6-5ubuntu0.1~esm1 |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | released | 3.6.1~20150924-5ubuntu0.1~esm1 |
| focal | ignored | end of standard support, was needed |
| impish | ignored | end of life |
| jammy | needed | |
CVSS2: 7.5 High
CVSS3: 7.5 High
Related vulnerabilities
A vulnerability in DCMTK, a library for working with the DICOM format, related to improper limitation of a pathname to a directory, which allows an attacker to gain access to confidential data, compromise its integrity, and cause a denial of service
Security update for gdcm, orthanc, orthanc-gdcm, orthanc-webviewer