Vulnerabilities > Offis
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-02 | CVE-2022-43272 | Memory Leak vulnerability in Offis Dcmtk 3.6.7 DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. | 7.5 |
| 2022-06-28 | CVE-2021-41687 | Memory Leak vulnerability in Offis Dcmtk DCMTK through 3.6.6 does not handle memory free properly. | 5.0 |
| 2022-06-28 | CVE-2021-41688 | Double Free vulnerability in Offis Dcmtk DCMTK through 3.6.6 does not handle memory free properly. | 5.0 |
| 2022-06-28 | CVE-2021-41689 | NULL Pointer Dereference vulnerability in Offis Dcmtk DCMTK through 3.6.6 does not handle string copy properly. | 5.0 |
| 2022-06-28 | CVE-2021-41690 | Memory Leak vulnerability in Offis Dcmtk DCMTK through 3.6.6 does not handle memory free properly. | 5.0 |
| 2022-06-24 | CVE-2022-2119 | Path Traversal vulnerability in Offis Dcmtk OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. | 7.5 |
| 2022-06-24 | CVE-2022-2120 | Path Traversal vulnerability in Offis Dcmtk OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. | 7.5 |
| 2022-06-24 | CVE-2022-2121 | NULL Pointer Dereference vulnerability in Offis Dcmtk OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition. | 3.3 |
| 2019-07-22 | CVE-2019-1010228 | Out-of-bounds Write vulnerability in multiple products OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. | 9.8 |