CVE-2025-2357

DCMTK dcmjpls JPEG-LS Decoder memory corruption

Description

A vulnerability was found in DCMTK 3.6.9. It has been declared as critical. This vulnerability affects unknown code of the component dcmjpls JPEG-LS Decoder. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 3239a7915. It is recommended to apply a patch to fix this issue.

INFO

Published Date :

2025-03-17T01:31:04.874Z

Last Modified :

2025-11-03T19:43:06.629Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2025-2357 vulnerability.

Vendors	Products
Offis	Dcmtk

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-2357.

URL	Resource
https://lists.debian.org/debian-lts-announce/2025/06/msg00025.html
https://nvd.nist.gov/vuln/detail/CVE-2025-2357
https://support.dcmtk.org/redmine/issues/1155
https://support.dcmtk.org/redmine/issues/1155?tab=history#note-1
https://vuldb.com/?ctiid.299824
https://vuldb.com/?id.299824
https://vuldb.com/?submit.513692
https://www.cve.org/CVERecord?id=CVE-2025-2357

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact