CVE-2024-34508

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-34508
dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.

4.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5
https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html
https://support.dcmtk.org/redmine/issues/1114
https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5
https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html
https://support.dcmtk.org/redmine/issues/1114
Configurations

No configuration.

History

26 Mar 2025, 20:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 4.3
CWE CWE-476
Information

Published : 2024-05-05 20:15

Updated : 2025-03-26 20:15

NVD link : CVE-2024-34508

Mitre link : CVE-2024-34508

CVE.ORG link : CVE-2024-34508

JSON object : View

Products Affected

No product.

CWE
CWE-476

NULL Pointer Dereference