A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/50xxx/CVE-2026-50003.json",
"cwe_ids": [
"CWE-22"
],
"cna_assigner": "icscert"
}