CVE-2025-14841 in DCMTKالمعلومات

الملخص

بحسب MITRE • 18/12/2025

A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation causes null pointer dereference. The attack requires local access. Upgrading to version 3.7.0 is sufficient to resolve this issue. Patch name: ffb1a4a37d2c876e3feeb31df4930f2aed7fa030. You should upgrade the affected component.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulDB

إفشاء

18/12/2025

الاعتدال

تمت الموافقة

إدخال

VDB-337004

CPE

جاهز

CWE

CWE-476 (مؤكد)

CVSS

3.3 (CNA)

EPSS

0.00024

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-14841
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-14841
CVE Details	https://www.cvedetails.com/cve/CVE-2025-14841/

التالي ▸نظرة عامة ◂ السابق

Might our Artificial Intelligence support you?

Check our Alexa App!