CVE-2025-14607 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-14607 Interim 1 2 2026-03-05T01:24:30Z current 2025-12-23T00:48:35Z 2026-03-05T01:24:30Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-14607 A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The manipulation results in memory corruption. The attack can be launched remotely. Upgrading to version 3.7.0 can resolve this issue. The patch is identified as 4c0e5c10079392c594d6a7abd95dd78ac0aa556a. You should upgrade the affected component. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 15 SP6 openSUSE Leap 15.6 openSUSE Tumbleweed dcmtk-3.7.0-1.1 dcmtk-3.7.0-bp156.4.15.1 dcmtk-devel-3.7.0-1.1 dcmtk-devel-3.7.0-bp156.4.15.1 libdcmtk20-3.7.0-1.1 libdcmtk20-3.7.0-bp156.4.15.1 dcmtk-3.7.0-bp156.4.15.1 as a component of SUSE Package Hub 15 SP6 dcmtk-devel-3.7.0-bp156.4.15.1 as a component of SUSE Package Hub 15 SP6 libdcmtk20-3.7.0-bp156.4.15.1 as a component of SUSE Package Hub 15 SP6 dcmtk-3.7.0-bp156.4.15.1 as a component of openSUSE Leap 15.6 dcmtk-devel-3.7.0-bp156.4.15.1 as a component of openSUSE Leap 15.6 libdcmtk20-3.7.0-bp156.4.15.1 as a component of openSUSE Leap 15.6 dcmtk-3.7.0-1.1 as a component of openSUSE Tumbleweed dcmtk-devel-3.7.0-1.1 as a component of openSUSE Tumbleweed libdcmtk20-3.7.0-1.1 as a component of openSUSE Tumbleweed A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The manipulation results in memory corruption. The attack can be launched remotely. Upgrading to version 3.7.0 can resolve this issue. The patch is identified as 4c0e5c10079392c594d6a7abd95dd78ac0aa556a. You should upgrade the affected component. CVE-2025-14607 SUSE Package Hub 15 SP6:dcmtk-3.7.0-bp156.4.15.1 SUSE Package Hub 15 SP6:dcmtk-devel-3.7.0-bp156.4.15.1 SUSE Package Hub 15 SP6:libdcmtk20-3.7.0-bp156.4.15.1 openSUSE Leap 15.6:dcmtk-3.7.0-bp156.4.15.1 openSUSE Leap 15.6:dcmtk-devel-3.7.0-bp156.4.15.1 openSUSE Leap 15.6:libdcmtk20-3.7.0-bp156.4.15.1 openSUSE Tumbleweed:dcmtk-3.7.0-1.1 openSUSE Tumbleweed:dcmtk-devel-3.7.0-1.1 openSUSE Tumbleweed:libdcmtk20-3.7.0-1.1 moderate