{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T05:46:34.630","vulnerabilities":[{"cve":{"id":"CVE-2024-52333","sourceIdentifier":"talos-cna@cisco.com","published":"2025-01-13T15:15:09.130","lastModified":"2025-11-03T21:17:21.663","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de validación incorrecta del índice de matriz en la función determineMinMax de OFFIS DCMTK 3.6.8. Un archivo DICOM manipulado especialmente puede provocar una escritura fuera de los límites. Un atacante puede proporcionar un archivo malicioso para activar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:offis:dcmtk:3.6.8:*:*:*:*:*:*:*","matchCriteriaId":"B4A80B78-3210-466A-B051-3516CBDD6B84"}]}]}],"references":[{"url":"https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=03e851b0586d05057c3268988e180ffb426b2e03","source":"talos-cna@cisco.com","tags":["Patch"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-2121","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00032.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2121","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}