vulnerability
Ubuntu: USN-5882-1 (CVE-2022-2119): DCMTK vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jun 24, 2022 | Mar 22, 2023 | Aug 18, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jun 24, 2022
Added
Mar 22, 2023
Modified
Aug 18, 2025
Description
OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.
Solutions
ubuntu-pro-upgrade-dcmtkubuntu-pro-upgrade-libdcmtk12ubuntu-pro-upgrade-libdcmtk14ubuntu-pro-upgrade-libdcmtk16ubuntu-pro-upgrade-libdcmtk17ubuntu-pro-upgrade-libdcmtk5
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.