Test ID:	1.3.6.1.4.1.25623.1.1.18.1.2025.0053.1
Category:	openSUSE Local Security Checks
Title:	openSUSE Security Advisory (openSUSE-SU-2025:0053-1)
Summary:	The remote host is missing an update for the 'dcmtk' package(s) announced via the openSUSE-SU-2025:0053-1 advisory.
Description:	Summary: The remote host is missing an update for the 'dcmtk' package(s) announced via the openSUSE-SU-2025:0053-1 advisory. Vulnerability Insight: This update for dcmtk fixes the following issues: Update to 3.6.9. See DOCS/CHANGES.368 for the full list of changes Security issues fixed: - CVE-2024-27628: Fixed buffer overflow via the EctEnhancedCT method (boo#1227235) - CVE-2024-34508: Fixed a segmentation fault via an invalid DIMSE message (boo#1223925) - CVE-2024-34509: Fixed segmentation fault via an invalid DIMSE message (boo#1223943) - CVE-2024-47796: Fixed out-of-bounds write due to improper array index validation in the nowindow functionality (boo#1235810) - CVE-2024-52333: Fixed out-of-bounds write due to improper array index validation in the determineMinMax functionality (boo#1235811) Affected Software/OS: 'dcmtk' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-27628 Common Vulnerability Exposure (CVE) ID: CVE-2024-34508 https://github.com/DCMTK/dcmtk/commit/c78e434c0c5f9d932874f0b17a8b4ce305ca01f5 https://support.dcmtk.org/redmine/issues/1114 Common Vulnerability Exposure (CVE) ID: CVE-2024-34509 Common Vulnerability Exposure (CVE) ID: CVE-2024-47796 Common Vulnerability Exposure (CVE) ID: CVE-2024-52333
Copyright	Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.