CVE-2025-14841 | OFFIS DCMTK up to 3.6.9 dcmqrscp dcmqrdbi.cc startMoveRequest null pointer dereference (Issue 1183)

A vulnerability identified as problematic has been detected in OFFIS DCMTK up to 3.6.9. The impacted element is the function DcmQueryRetrieveIndexDatabaseHandle::startFindRequest/DcmQueryRetrieveIndexDatabaseHandle::startMoveRequest in the library dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. This manipulation causes null pointer dereference.

This vulnerability appears as CVE-2025-14841. The attack requires local access. In addition, an exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More