Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-4981

Опубликовано: 21 окт. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 1.7
CVSS3: 3.3

Описание

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. Upgrading to version 3.6.8 is sufficient to resolve this issue. The patch is identified as 957fb31e5. Upgrading the affected component is advised.

РелизСтатусПримечание
devel

not-affected

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

jammy

needs-triage

noble

needs-triage

plucky

not-affected

3.6.9-4
questing

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 2%
0.00014
Низкий

1.7 Low

CVSS2

3.3 Low

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-4981

CVSS3: 3.3
nvd
4 месяца назад

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. Upgrading to version 3.6.8 is sufficient to resolve this issue. The patch is identified as 957fb31e5. Upgrading the affected component is advised.

debian логотип

CVE-2022-4981

CVSS3: 3.3
debian
4 месяца назад

A vulnerability was detected in DCMTK up to 3.6.7. The impacted elemen ...

github логотип

GHSA-v454-8grj-83c8

CVSS3: 3.3
github
4 месяца назад

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. Upgrading to version 3.6.8 is sufficient to resolve this issue. The patch is identified as 957fb31e5. Upgrading the affected component is advised.

fstec логотип

BDU:2025-16066

CVSS3: 3.3
fstec
4 месяца назад

Уязвимость функции DcmQueryRetrieveConfig::readPeerList компонента dcmqrscp библиотеки для работы с форматом DICOM DCMTK, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 2%
0.00014
Низкий

1.7 Low

CVSS2

3.3 Low

CVSS3