Offis Dcmtk
13 CVEs affecting Offis Dcmtk. Latest disclosed: 2026-05-31. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-52333 | High | 8.4 | 2025-01-13 | An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to a… |
CVE-2024-47796 | High | 8.4 | 2025-01-13 | An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-o… |
CVE-2024-28130 | High | 7.5 | 2024-04-23 | An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malform… |
CVE-2022-2119 | High | 7.5 | 2022-06-24 | OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitr… |
CVE-2022-2121 | High | 7.5 | 2022-06-24 | OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service… |
CVE-2022-2120 | High | 7.5 | 2022-06-24 | OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into a… |
CVE-2026-5663 | High | 7.3 | 2026-04-06 | A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/stores… |
CVE-2026-10194 | Medium | 6.3 | 2026-05-31 | A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libs… |
CVE-2025-14607 | Medium | 6.3 | 2025-12-13 | A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/d… |
CVE-2020-36855 | Medium | 5.3 | 2025-10-21 | A security vulnerability has been detected in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of… |
CVE-2025-14841 | Low | 3.3 | 2025-12-18 | A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIn… |
CVE-2022-4981 | Low | 3.3 | 2025-10-21 | A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the co… |
CVE-2013-6825 | | 2014-06-10 | (1) movescu.cc and (2) storescp.cc in dcmnet/apps/, (3) dcmnet/libsrc/scp.cc, (4) dcmwlm/libsrc/wlmactmg.cc, (5) dcmprscp.cc and (6) dcmpsrcv.cc in dcmpstat/ap… |