CVE-2025-25475

High CVSS: 7.5

A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file.

Vendor

Offis

Product

Dcmtk

CWE

CWE-476

Yayın Tarihi

2025-02-18 23:15:10

Güncelleme

2025-11-04 20:40:26

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-476 Dcmtk HIGH Offis 2025

Referanslar

https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=bffa3e9116abb7038b432443f16b1bd390e80245 https://github.com/DCMTK/dcmtk/commit/bffa3e9116abb7038b432443f16b1bd390e80245 https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html

Benzer Kayıtlar

Medium

CVE-2022-4981

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeer…

Medium

CVE-2020-36855

A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the…

Medium

CVE-2025-9732

A vulnerability was identified in DCMTK up to 3.6.9. This affects an unknown function in the library dcmimage/include/dc…

Medium

CVE-2025-2357

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of t…

Medium

CVE-2025-25472

A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM…

Medium

CVE-2025-25474

DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h.