CVE-2024-42845

Scores

EPSS

0.711medium71.1%

0%20%40%60%80%100%

Percentile: 71.1%

CVSS

8.0high3.x

0246810

CVSS Score: 8.0/10

All CVSS Scores

CVSS 3.x

8.0

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Description

An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

debianubuntu

CWEs

CWE-94

Related Vulnerabilities

BDU:2024-07528

Exploits

Exploit ID: CVE-2024-42845

Source: github-poc

URL: https://github.com/theexploiters/CVE-2024-42845-Exploit

Vulnerable Software (6)

Type: Configuration

Product: invesalius

Operating System: debian

Trait:

{  "unfixed": true}

Source: debian

Type: Configuration

Product: invesalius

Operating System: debian trixie 13

Trait:

{  "unfixed": true}

Source: debian

Type: Configuration

Product: invesalius

Operating System: debian bookworm 12

Trait:

{  "unfixed": true}

Source: debian

Type: Configuration

Product: invesalius

Operating System: debian bullseye 11

Trait:

{  "unfixed": true}

Source: debian

Type: Configuration

Product: invesalius

Operating System: ubuntu focal 20.04

Trait:

{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: invesalius

Operating System: ubuntu plucky 25.04

Trait:

{  "unfixed": true}

Source: ubuntu

End of list

Russian Vulnerability Scanner Database

CVE-2024-42845

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Related Vulnerabilities

Exploits

Vulnerable Software (6)