{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T03:21:52.550","vulnerabilities":[{"cve":{"id":"CVE-2024-24793","sourceIdentifier":"talos-cna@cisco.com","published":"2024-02-20T11:15:08.090","lastModified":"2025-11-04T19:16:57.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature freeing of memory that is used later. To trigger this vulnerability, an attacker would need to induce the vulnerable application to process a malicious DICOM image.The Use-After-Free happens in the `parse_meta_element_create()` parsing the elements in the File Meta Information header."},{"lang":"es","value":"Existe una vulnerabilidad de use-after-free en DICOM Element Parsing implementado en Imaging Data Commons libdicom 1.0.5. Un archivo DICOM especialmente manipulado puede provocar la liberación prematura de memoria que se utilizará más adelante. Para desencadenar esta vulnerabilidad, un atacante necesitaría inducir a la aplicación vulnerable a procesar una imagen DICOM maliciosa. El Use-After-Free ocurre en `parse_meta_element_create()` analizando los elementos en el encabezado de metainformación del archivo."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nih:libdicom:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"3CB47B53-5857-4971-ABF8-A3DA8CB79BC2"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1931","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1931","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1931","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}