partywavesec/invesalius3_vulnerabilities

Releases0

Stars3

InVesalius discovered CVE. CVE-2024-42845, CVE-2024-44825

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-44825 ↗	Sep 25, 2024Wednesday, 25 September 2024, 16:15	7.5 HIGH	—
Directory Traversal vulnerability in Centro de Tecnologia da Informaco Renato Archer InVesalius3 v3.1.99995 allows attackers to write arbitrary files unto the system via a crafted .inv3 file.
CVE-2024-42845 ↗	Aug 23, 2024Friday, 23 August 2024, 19:15	8 HIGH	—
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.