CVE-2022-43272 - OpenCVE

DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Offis	Dcmtk

Configuration 1 [-]

cpe:2.3:a:offis:dcmtk:3.6.7:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7	Patch Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HROBSUUV2LZCYUNODI2YM7G7AYYO75B/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3QG7MSHORLYAHDXMYG6FQKU4GOCRBCR/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMQ2USESKF6OAZAH64OFHNK2HJIJVGPP/
https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-12-02T00:00:00

Updated: 2024-07-02T16:58:53.969Z

Reserved: 2022-10-17T00:00:00

Link: CVE-2022-43272

JSON object: View

NVD Information

Status : Modified

Published: 2022-12-02T16:15:09.230

Modified: 2023-11-07T03:53:45.030

Link: CVE-2022-43272

JSON object: View

Redhat Information

No data.

CWE

CWE-401

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-43272", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-07-02T16:58:53.969Z", "dateReserved": "2022-10-17T00:00:00", "datePublished": "2022-12-02T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-28T19:06:13.523663"}, "descriptions": [{"lang": "en", "value": "DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw"}, {"url": "https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7"}, {"name": "FEDORA-2023-fe6fa5696e", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3QG7MSHORLYAHDXMYG6FQKU4GOCRBCR/"}, {"name": "FEDORA-2023-83b529bd34", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UMQ2USESKF6OAZAH64OFHNK2HJIJVGPP/"}, {"name": "FEDORA-2023-eda976b192", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HROBSUUV2LZCYUNODI2YM7G7AYYO75B/"}, {"name": "[debian-lts-announce] 20240628 [SECURITY] [DLA 3847-1] dcmtk security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00022.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"affected": [{"vendor": "offis", "product": "dcmtk", "cpes": ["cpe:2.3:a:offis:dcmtk:3.6.7:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "3.6.7", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-02T16:53:28.265409Z", "id": "CVE-2022-43272", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-02T16:58:53.969Z"}}]}, "dataVersion": "5.1"}