Ding Zhengzheng

Name of the Vulnerable Software and Affected Versions: DCMTK versions 3.6.9 and later Description: A NULL pointer dereference in the component /libsrc/dcrleccd.cc allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file. Recommendations: For DCMTK versions 3.6.9 and later, as a temporary workaround, consider restricting the use of the /libsrc/dcrleccd.cc component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: DCMTK versions 3.6.9+ DEV Description: A buffer overflow issue was discovered in the component /dcmimgle/diinpxt.h. This issue affects the DCMTK software, potentially allowing for exploitation. No information is provided about the estimated number of affected devices or real-world incidents. Recommendations: For DCMTK versions 3.6.9+ DEV, consider restricting access to the /dcmimgle/diinpxt.h component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: DCMTK versions 3.6.9+ DEV Description: A buffer overflow in DCMTK allows attackers to cause a Denial of Service (DoS) via a crafted DCM file. Recommendations: For DCMTK versions 3.6.9+ DEV, update to a version that fixes the buffer overflow issue to prevent Denial of Service (DoS) attacks.