ICSMA-26-181-01

Vulnerability from csaf_cisa - Published: 2026-06-30 06:00 - Updated: 2026-06-30 06:00
Summary
OFFIS DCMTK Toolkit
Notes
Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Summary: Successful exploitation of these vulnerabilities could allow an attacker to write files, access unauthorized information, exhaust memory, or crash affected DCMTK client or server processes.
Critical infrastructure sectors: Healthcare and Public Health
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices: CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices: Do not click web links or open attachments in unsolicited email messages.
Recommended Practices: Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Recommended Practices: Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Recommended Practices: No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Affected products
Product Identifier Version Remediation
OFFIS DCMTK: <=3.7.0
OFFIS / DCMTK
<=3.7.0
Mitigation
Vendor Fix fix
Mitigation
CWE-401 - Missing Release of Memory after Effective Lifetime
Affected products
Product Identifier Version Remediation
OFFIS DCMTK: <=3.7.0
OFFIS / DCMTK
<=3.7.0
Mitigation
Vendor Fix fix
Mitigation
CWE-401 - Missing Release of Memory after Effective Lifetime
Affected products
Product Identifier Version Remediation
OFFIS DCMTK: <=3.7.0
OFFIS / DCMTK
<=3.7.0
Mitigation
Vendor Fix fix
Mitigation
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Affected products
Product Identifier Version Remediation
OFFIS DCMTK: <=3.7.0
OFFIS / DCMTK
<=3.7.0
Mitigation
Vendor Fix fix
Mitigation
CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Affected products
Product Identifier Version Remediation
OFFIS DCMTK: <=3.7.0
OFFIS / DCMTK
<=3.7.0
Mitigation
Vendor Fix fix
Mitigation
References
URL Category
https://raw.githubusercontent.com/cisagov/CSAF/de… self
https://www.cisa.gov/news-events/ics-medical-advi… self
https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-… external
https://www.cisa.gov/resources-tools/resources/ic… external
https://www.cisa.gov/sites/default/files/publicat… external
https://www.cisa.gov/topics/industrial-control-systems external
https://www.cisa.gov/uscert/sites/default/files/p… external
https://www.cisa.gov/uscert/ncas/tips/ST04-014 external
https://www.cisa.gov/news-events/ics-alerts/ics-a… external
https://www.cisa.gov/sites/default/files/recommen… external
https://www.cisa.gov/news-events/news/targeted-cy… external
https://www.cisa.gov/secure-our-world/teach-emplo… external
https://www.cisa.gov/news-events/news/avoiding-so… external
https://cwe.mitre.org/data/definitions/22.html external
https://www.cve.org/CVERecord?id=CVE-2026-50003 external
https://www.first.org/cvss/calculator/3.1#CVSS:3.… external
https://www.first.org/cvss/calculator/4.0#CVSS:4.… external
https://cwe.mitre.org/data/definitions/401.html external
https://www.cve.org/CVERecord?id=CVE-2026-50254 external
https://www.first.org/cvss/calculator/3.1#CVSS:3.… external
https://www.first.org/cvss/calculator/4.0#CVSS:4.… external
https://www.cve.org/CVERecord?id=CVE-2026-35505 external
https://www.cve.org/CVERecord?id=CVE-2026-52868 external
https://www.first.org/cvss/calculator/3.1#CVSS:3.… external
https://www.first.org/cvss/calculator/4.0#CVSS:4.… external
https://cwe.mitre.org/data/definitions/843.html external
https://www.cve.org/CVERecord?id=CVE-2026-44628 external
Acknowledgments
Abhinav Agarwal

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Abhinav Agarwal"
        ],
        "summary": "reported these vulnerabilities to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
        "title": "Legal Notice and Terms of Use"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to write files, access unauthorized information, exhaust memory, or crash affected DCMTK client or server processes.",
        "title": "Advisory Summary"
      },
      {
        "category": "other",
        "text": "Healthcare and Public Health",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Do not click web links or open attachments in unsolicited email messages.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSMA-26-181-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsma-26-181-01.json"
      },
      {
        "category": "self",
        "summary": "ICSA Advisory ICSMA-26-181-01 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-181-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/secure-our-world/teach-employees-avoid-phishing"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks"
      }
    ],
    "title": "OFFIS DCMTK Toolkit",
    "tracking": {
      "current_release_date": "2026-06-30T06:00:00.000000Z",
      "generator": {
        "date": "2026-06-29T17:49:19.815403Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSMA-26-181-01",
      "initial_release_date": "2026-06-30T06:00:00.000000Z",
      "revision_history": [
        {
          "date": "2026-06-30T06:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=3.7.0",
                "product": {
                  "name": "OFFIS DCMTK: \u003c=3.7.0",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "DCMTK"
          }
        ],
        "category": "vendor",
        "name": "OFFIS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-50003",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths.",
          "title": "Vulnerability Summary"
        },
        {
          "category": "details",
          "text": "SSVCv2/E:N/A:Y/2026-06-29T06:00:00.000000Z",
          "title": "SSVC"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/22.html"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-50003"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "The maintainer was notified of these vulnerabilities and has provided a fix. The fix is included in the latest commits and can be obtained in the following snapshot:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://github.com/DCMTK/dcmtk/releases/tag/latest.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://github.com/DCMTK/dcmtk/releases/tag/latest"
        },
        {
          "category": "mitigation",
          "details": "Users are recommended to download the latest GitHub release once it becomes available.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2026-50254",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it.",
          "title": "Vulnerability Summary"
        },
        {
          "category": "details",
          "text": "SSVCv2/E:N/A:Y/2026-06-29T06:00:00.000000Z",
          "title": "SSVC"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/401.html"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-50254"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "The maintainer was notified of these vulnerabilities and has provided a fix. The fix is included in the latest commits and can be obtained in the following snapshot:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://github.com/DCMTK/dcmtk/releases/tag/latest.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://github.com/DCMTK/dcmtk/releases/tag/latest"
        },
        {
          "category": "mitigation",
          "details": "Users are recommended to download the latest GitHub release once it becomes available.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2026-35505",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart.",
          "title": "Vulnerability Summary"
        },
        {
          "category": "details",
          "text": "SSVCv2/E:N/A:Y/2026-06-29T06:00:00.000000Z",
          "title": "SSVC"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/401.html"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-35505"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "The maintainer was notified of these vulnerabilities and has provided a fix. The fix is included in the latest commits and can be obtained in the following snapshot:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://github.com/DCMTK/dcmtk/releases/tag/latest.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://github.com/DCMTK/dcmtk/releases/tag/latest"
        },
        {
          "category": "mitigation",
          "details": "Users are recommended to download the latest GitHub release once it becomes available.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2026-52868",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation.",
          "title": "Vulnerability Summary"
        },
        {
          "category": "details",
          "text": "SSVCv2/E:N/A:Y/2026-06-29T06:00:00.000000Z",
          "title": "SSVC"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/22.html"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-52868"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "The maintainer was notified of these vulnerabilities and has provided a fix. The fix is included in the latest commits and can be obtained in the following snapshot:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://github.com/DCMTK/dcmtk/releases/tag/latest.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://github.com/DCMTK/dcmtk/releases/tag/latest"
        },
        {
          "category": "mitigation",
          "details": "Users are recommended to download the latest GitHub release once it becomes available.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2026-44628",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unauthenticated attacker can crash the worklist server with a single crafted query when the server has a valid Called AE Title / storage directory, the expected lockfile, and at least one matching worklist record.",
          "title": "Vulnerability Summary"
        },
        {
          "category": "details",
          "text": "SSVCv2/E:N/A:Y/2026-06-29T06:00:00.000000Z",
          "title": "SSVC"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/843.html"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44628"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "The maintainer was notified of these vulnerabilities and has provided a fix. The fix is included in the latest commits and can be obtained in the following snapshot:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "https://github.com/DCMTK/dcmtk/releases/tag/latest.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://github.com/DCMTK/dcmtk/releases/tag/latest"
        },
        {
          "category": "mitigation",
          "details": "Users are recommended to download the latest GitHub release once it becomes available.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…