CVE-2025-2357: DCMTK dcmjpls JPEG-LS Decoder memory corruption
First published: Mon Mar 17 2025(Updated: )
A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| DCMTK |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-2357?
CVE-2025-2357 has been declared critical due to its potential to cause memory corruption.
What component is affected by CVE-2025-2357?
CVE-2025-2357 affects the dcmjpls JPEG-LS Decoder component of DCMTK 3.6.9.
Who can exploit CVE-2025-2357?
The exploit for CVE-2025-2357 can be initiated remotely by an attacker.
What kind of vulnerability is CVE-2025-2357?
CVE-2025-2357 is a memory corruption vulnerability.
How do I fix CVE-2025-2357?
To fix CVE-2025-2357, it is essential to update to the latest secure version of DCMTK.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/references
- agent/type
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/source
- agent/author
- agent/tags
- agent/event
- vendor/dcmtk
- canonical/dcmtk