Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP6 package dcmtk, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2024-47796 — CVSS 8.4 (high): An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file…
CVE-2024-52333 — CVSS 8.4 (high): An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted…
CVE-2024-27628 — CVSS 8.1 (high): Buffer Overflow vulnerability in DCMTK v.3.6.8 allows an attacker to execute arbitrary code via the EctEnhancedCT method component.
CVE-2025-25475 — CVSS 7.5 (high): A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS)…
CVE-2025-25474 — CVSS 6.5 (medium): DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h.
CVE-2025-25472 — CVSS 5.3 (medium): A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file.