Vulnerability CVE-2024-42845
Published: 2024-08-23

Description:
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Invesalius 3.1 Remote Code Execution
Riccardo Degli E...
26.08.2024

 References:
https://github.com/invesalius/invesalius3
https://github.com/invesalius/invesalius3/releases
https://github.com/partywavesec/invesalius3_vulnerabilities/tree/main/CVE-2024-42845
Copyright 2024, cxsecurity.com

 

Back to Top