{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2022-4981","title":"Title"},{"category":"description","text":"A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be used. Upgrading to version 3.6.8 is sufficient to resolve this issue. The patch is identified as 957fb31e5. Upgrading the affected component is advised.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2022-4981","url":"https://www.suse.com/security/cve/CVE-2022-4981"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1252400 for CVE-2022-4981","url":"https://bugzilla.suse.com/1252400"}],"title":"SUSE CVE CVE-2022-4981","tracking":{"current_release_date":"2025-12-19T01:52:31Z","generator":{"date":"2025-10-21T23:46:35Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2022-4981","initial_release_date":"2025-10-21T23:46:35Z","revision_history":[{"date":"2025-10-21T23:46:35Z","number":"2","summary":"Current version"},{"date":"2025-11-03T03:42:00Z","number":"3","summary":"Current version"},{"date":"2025-12-17T01:39:55Z","number":"4","summary":"description changed"},{"date":"2025-12-19T01:52:31Z","number":"5","summary":"description changed"}],"status":"interim","version":"5"}}}