vulnerability

Ubuntu: USN-5882-1 (CVE-2022-2119): DCMTK vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Jun 24, 2022	Mar 22, 2023	Jan 23, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Jun 24, 2022

Added

Mar 22, 2023

Modified

Jan 23, 2025

Description

OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.

Solution(s)

ubuntu-pro-upgrade-dcmtkubuntu-pro-upgrade-libdcmtk12ubuntu-pro-upgrade-libdcmtk14ubuntu-pro-upgrade-libdcmtk16ubuntu-pro-upgrade-libdcmtk17ubuntu-pro-upgrade-libdcmtk5

References

CVE-2022-2119
https://attackerkb.com/topics/CVE-2022-2119
UBUNTU-USN-5882-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today