CVE-2021-41689
HIGH7.5EPSS 0.11%發布日:2022/6/28修改日:2026/4/28
也稱為:DEBIAN-CVE-2021-41689
描述
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack.
受影響套件(1)
- Debian/dcmtkfrom 0, < 3.6.5-1+deb11u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |