0.003 Low
EPSS
Percentile
70.2%
dcmtk is vulnerable to remote code execution. Service class users are vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names resulting in remote code execution.
DICOM
security-tracker.debian.org/tracker/CVE-2022-2120
www.cisa.gov/uscert/ics/advisories/icsma-22-174-01