Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Mondoo Vulnerability Intelligence
Search vulnerabilities and malicious packages across npm, PyPI, Go, GitHub Actions, VS Code, and more.
Search vulnerabilities and malicious packages across npm, PyPI, Go, GitHub Actions, VS Code, and more.
A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation causes null pointer dereference. The attack requires local access. Upgrading to version 3.7.0 is sufficient to resolve this issue. Patch name: ffb1a4a37d2c876e3feeb31df4930f2aed7fa030. You should upgrade the affected component.
3.6.5-13.6.5-1+deb11u13.6.5-1+deb11u23.6.5-1+deb11u33.6.5-1+deb11u43.6.5-1+deb11u53.6.6-13.6.6-1~ext13.6.6-23.6.6-3+41 more3.6.7-113.6.7-123.6.7-133.6.7-143.6.7-153.6.7-83.6.7-93.6.7-9.13.6.7-9~deb12u13.6.7-9~deb12u2+19 more3.6.9-53.6.9-63.6.9-53.6.9-6Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:NI:NA:LCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L