Project

General

Profile

Activity

From 2026-03-14 to 2026-04-12

Today

10:33 Bug #1194: OS command injection vulnerability in storescp --exec-on-reception
This issue has been assigned CVE number CVE-2026-5663 (https://vuldb.com/vuln/355486).
 Marco Eichelberg

2026-04-04

09:06 Bug #1188 (Closed): Assertion failure in JPEG-LS encoder
Closed by commit #08c4c8734.
 Marco Eichelberg

2026-04-02

18:26 Feature #1200 (New): Functionality to get tag path for a given element
A "user on StackOverflow":https://stackoverflow.com/questions/79652444/getting-the-tag-path-of-a-particular-dcmelemen... Michael Onken

2026-03-29

14:51 Bug #1198 (Closed): Path Traversal in JSON Bulkdata Loading
Closed by commit #969c4b6f2.
 Marco Eichelberg
10:05 Bug #1197 (Closed): Uninitialized Memory Read in JSMN Token Array
Closed by commit #ae94a3d75.
 Marco Eichelberg
09:03 Bug #1196 (Closed): SEGV via OOB Read in DcmJSONReader getTokenContent
Closed by commit #4add0621b (i.e. the same commit that also closed DCMTK issue #1193.) Marco Eichelberg

2026-03-28

20:08 Bug #1195 (Closed): Heap OOB Read via PersonName Path in DcmJSONReader
Closed by commit #4add0621b (i.e. the same commit that also closed DCMTK issue #1193.) Marco Eichelberg
18:22 Bug #1193 (Closed): Heap OOB Read in DcmJSONReader getTokenContent
Closed by commit #4add0621b.
 Marco Eichelberg

2026-03-25

10:14 Bug #1198 (Closed): Path Traversal in JSON Bulkdata Loading
Received by email from the IN-CYPHER OSS Security Team (2026-03-24):
> *Subject:* IC-DCMTK-0024: Path Traversal in... Jörg Riesmeier
10:11 Bug #1197 (Closed): Uninitialized Memory Read in JSMN Token Array
Received by email from the IN-CYPHER OSS Security Team (2026-03-24):
> *Subject:* IC-DCMTK-0009 Uninitialized Memo... Jörg Riesmeier
10:09 Bug #1196 (Closed): SEGV via OOB Read in DcmJSONReader getTokenContent
Received by email from the IN-CYPHER OSS Security Team (2026-03-24):
> *Subject:* IC-DCMTK-0008 SEGV via OOB Read ... Jörg Riesmeier
10:06 Bug #1195 (Closed): Heap OOB Read via PersonName Path in DcmJSONReader
Received by email from the IN-CYPHER OSS Security Team (2026-03-24):
> *Subject:* IC-DCMTK-0007 Heap OOB Read via ... Jörg Riesmeier

2026-03-24

09:21 Bug #1194: OS command injection vulnerability in storescp --exec-on-reception
Also see: https://machinespirits.com/advisory/2e1627/
 Marco Eichelberg

2026-03-21

18:35 Bug #1194 (Closed): OS command injection vulnerability in storescp --exec-on-reception
Closed by DCMTK commit #edbb085e4.
 Marco Eichelberg
18:23 Bug #1194: OS command injection vulnerability in storescp --exec-on-reception
This vulnerability only affects the @storescp@ command line tool, not the underlying libraries. The vulnerability is ... Marco Eichelberg

2026-03-14

17:40 Bug #1194 (Closed): OS command injection vulnerability in storescp --exec-on-reception
Three placeholder tokens used in the shell command execution feature (#f , #p , #r) are derived from attacker-control... Marco Eichelberg
 

Also available in: Atom