← volver
CVE-2022-2119

OFFIS DCMTK Path Traversal

CVSS 7.5 HIGHEPSS 2.8%CWE-22
OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
OFFIS · DCMTK

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://lists.debian.org/debian-lts-announce/2025/06/msg00025.htmlhttps://www.cisa.gov/uscert/ics/advisories/icsma-22-174-01