7.5
CVE-2025-2581
- EPSS 0.56%
- Veröffentlicht 21.03.2025 05:00:22
- Zuletzt bearbeitet 03.11.2025 20:18:09
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
Loginxmedcon DICOM File malloc integer underflow
A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to address this issue. It is recommended to upgrade the affected component.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Xmedcon Project ≫ Xmedcon Version0.25.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.56% | 0.423 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| cna@vuldb.com | 5.3 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cna@vuldb.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
|
| cna@vuldb.com | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-191 Integer Underflow (Wrap or Wraparound)
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
https://vuldb.com/?id.300541
https://vuldb.com/?ctiid.300541
https://vuldb.com/?submit.522216
https://xmedcon.sourceforge.io/Main/New
https://lists.debian.org/debian-lts-announce/2025/07/msg00000.html