Activity

From 2026-02-18 to 2026-03-19

17:40 Bug #1194 (Closed): OS command injection vulnerability in storescp --exec-on-reception: Three placeholder tokens used in the shell command execution feature (#f , #p , #r) are derived from attacker-control... Marco Eichelberg

23:46 Bug #1193 (Closed): Heap OOB Read in DcmJSONReader getTokenContent: Received by email from the IN-CYPHER OSS Security Team (2026-03-09):
> *Subject:* IC-DCMTK-0006 Heap OOB Read in D... Jörg Riesmeier
23:43 Bug #1190 (Closed): Infinite Loop in JPEG Segment Parser TEM Marker: Closed by commit "a2fef890f":https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=a2fef890fb4cb2e8aac137db54bd514b8a778474. Jörg Riesmeier
19:21 Bug #1190 (Closed): Infinite Loop in JPEG Segment Parser TEM Marker: Received by email from the IN-CYPHER OSS Security Team (2026-03-09):
> *Subject:* IC-DCMTK-0004 Infinite Loop in J... Jörg Riesmeier
21:31 Bug #1191 (Closed): Stack Overflow via Deeply Nested DICOM Sequences: Received by email from the IN-CYPHER OSS Security Team (2026-03-09):
> *Subject:* IC-DCMTK-0003: Stack Overflow vi... Michael Onken

16:56 Bug #1189 (Closed): Double-Free in DcmJSONReader via decodeBase64(): Closed by commit "28e3a0031":https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=28e3a00312dc3576a3accc63df957bf89a3149e3. Jörg Riesmeier
16:55 Bug #1189 (Closed): Double-Free in DcmJSONReader via decodeBase64(): Received by email from the IN-CYPHER OSS Security Team (2026-03-09):
> *Subject:* IC-DCMTK-0002: Double-Free in Dc... Jörg Riesmeier

17:13 Feature #1128 (Closed): dcmsr should support the fractional part of a second in its own XML format: See commit 63e6fb804 (and following). Jörg Riesmeier

Also available in: Atom

DCMTK