Upgrade de.tum.in.ase:artemis-java-test-sandbox to version 1.8.0 or higher.

Improper Isolation or Compartmentalization in de.tum.in.ase:artemis-java-test-sandbox | CVE-2024-23682

Threat Intelligence

0.62% (80^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-UBUNTU2004-DCMTK-644819
published10 Sept 2020
disclosed22 Jul 2019

Report a new vulnerability Found a mistake?

Introduced: 22 Jul 2019

CVE-2019-1010228 (opens in a new tab) CWE-119 (opens in a new tab)

Amendment

The Ubuntu security team deemed this advisory irrelevant for Ubuntu:20.04.

NVD Description

Note: Versions mentioned in the description apply only to the upstream dcmtk package and not the dcmtk package as distributed by Ubuntu.

OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. The impact is: Possible code execution and confirmed Denial of Service. The component is: DcmRLEDecoder::decompress() (file dcrledec.h, line 122). The attack vector is: Many scenarios of DICOM file processing (e.g. DICOM to image conversion). The fixed version is: 3.6.4, after commit 40917614e.

Out-of-Bounds The advisory has been revoked - it doesn't affect any version of package dcmtk (opens in a new tab)

Threat Intelligence

Do your applications use this vulnerable package?

Introduced: 22 Jul 2019

Amendment

NVD Description

References