CVE-2024-27629
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-27629
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27629.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-27629
- Related
- Published
- 2024-06-28T19:15:05Z
- Modified
- 2025-02-19T03:37:07.039183Z
- Summary
- [none]
- Details
-
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via the generated file name is not properly escaped and injected into a system call when certain types of compression are used.
- References
Affected packages
Debian:11 / dcm2niix
Package
- Name
- dcm2niix
- Purl
- pkg:deb/debian/dcm2niix?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:12 / dcm2niix
Package
- Name
- dcm2niix
- Purl
- pkg:deb/debian/dcm2niix?arch=source
Debian:13 / dcm2niix
Package
- Name
- dcm2niix
- Purl
- pkg:deb/debian/dcm2niix?arch=source
Git / github.com/rordenlab/dcm2niix
Affected versions
Other
20160606
v1.*
v1.0.20160930
v1.0.20161101
v1.0.20170130
v1.0.20170207
v1.0.20170331
v1.0.20170401
v1.0.20170402
v1.0.20170403
v1.0.20170428
v1.0.20170429
v1.0.20170528
v1.0.20170609
v1.0.20170621
v1.0.20170623
v1.0.20170624
v1.0.20170724
v1.0.20170818
v1.0.20170923
v1.0.20171017
v1.0.20171204
v1.0.20171215
v1.0.20180325
v1.0.20180328
v1.0.20180614
v1.0.20180622
v1.0.20181114
v1.0.20181125
v1.0.20190720
v1.0.20190902
v1.0.20200331
v1.0.20201102
v1.0.20210317
v1.0.20211006
v1.0.20220720
v1.0.20230411