{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32711", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-13T14:33:42.824Z", "datePublished": "2026-03-20T01:26:15.182Z", "dateUpdated": "2026-03-20T16:41:56.917Z"}, "containers": {"cna": {"title": "pydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28"}, {"name": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82", "tags": ["x_refsource_MISC"], "url": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82"}, {"name": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2"}], "affected": [{"vendor": "pydicom", "product": "pydicom", "versions": [{"version": ">= 2.0.0-rc.1, < 3.0.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-20T01:26:15.182Z"}, "descriptions": [{"lang": "en", "value": "pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy(), write(), and remove()+write(use_existing=True) use that unchecked path in file I/O operations. This allows arbitrary file read/copy and, in some flows, move/delete outside the File-set root. This issue has been fixed in version 3.0.2."}], "source": {"advisory": "GHSA-v856-2rf8-9f28", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-20T16:41:24.059218Z", "id": "CVE-2026-32711", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T16:41:56.917Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32711", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-20T16:41:24.059218Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T16:41:52.638Z"}}], "cna": {"title": "pydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root", "source": {"advisory": "GHSA-v856-2rf8-9f28", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "pydicom", "product": "pydicom", "versions": [{"status": "affected", "version": ">= 2.0.0-rc.1, < 3.0.2"}]}], "references": [{"url": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28", "name": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82", "name": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2", "name": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy(), write(), and remove()+write(use_existing=True) use that unchecked path in file I/O operations. This allows arbitrary file read/copy and, in some flows, move/delete outside the File-set root. This issue has been fixed in version 3.0.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-20T01:26:15.182Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32711", "state": "PUBLISHED", "dateUpdated": "2026-03-20T16:41:56.917Z", "dateReserved": "2026-03-13T14:33:42.824Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-20T01:26:15.182Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pydicom:pydicom:*:*:*:*:*:python:*:*", "matchCriteriaId": "08DDD9F4-ABF0-4750-A28A-8E9E7A8DF617", "versionEndExcluding": "3.0.2", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy(), write(), and remove()+write(use_existing=True) use that unchecked path in file I/O operations. This allows arbitrary file read/copy and, in some flows, move/delete outside the File-set root. This issue has been fixed in version 3.0.2."}, {"lang": "es", "value": "pydicom es un paquete de Python puro para trabajar con archivos DICOM. Las versiones 2.0.0-rc.1 hasta la 3.0.1 son vulnerables a salto de ruta a trav\u00e9s de un ReferencedFileID de DICOMDIR creado maliciosamente cuando se establece a una ruta fuera de la ra\u00edz del conjunto de archivos. pydicom resuelve la ruta solo para confirmar que existe, pero no verifica que la ruta resuelta permanezca bajo la ra\u00edz del conjunto de archivos. Las operaciones p\u00fablicas posteriores de FileSet, como copy(), write() y remove()+write(use_existing=True), usan esa ruta no verificada en operaciones de E/S de archivos. Esto permite la lectura/copia arbitraria de archivos y, en algunos flujos, mover/eliminar fuera de la ra\u00edz del conjunto de archivos. Este problema ha sido solucionado en la versi\u00f3n 3.0.2."}], "id": "CVE-2026-32711", "lastModified": "2026-03-23T17:02:26.190", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-20T02:16:33.600", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.0.0-rc.1,3.0.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "pydicom", "vendor": "pydicom"}], "analysis": {"en": {"generated_at": "2026-03-23T18:28:44.494912+00:00", "value": {"mitigation_remediation": ["Upgrade pydicom to version 3.0.2 or newer"], "summary": {"action": "Patch", "impact": "Unauthorized file read/write outside the File-set root via path traversal"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Python package pydicom, versions 2.0.0\u2011rc.1 through 3.0.1 inclusive. The issue was fixed in release 3.0.2, so any system using the older versions of this library is potentially exposed. Users of pydicom in any Python environment that processes DICOMDIR files should verify the version they are running.", "description_and_impact": "A maliciously crafted DICOMDIR ReferencedFileID can point to files outside the intended File\u2011set root. The library resolves the path only to confirm existence, but does not check that the resolved path remains inside the root. When common FileSet operations such as copy(), write(), or remove()+write(use_existing=True) later use that unchecked path, an attacker can read, copy, and in some flows move or delete arbitrary files. The weakness corresponds to CWE\u201122 (Path Traversal). The CVSS score of 7.8 indicates a high severity impact on confidentiality, integrity, and availability.", "risk_and_exploitability": "The attack requires delivery of a crafted DICOMDIR file to an application that imports pydicom and performs FileSet operations such as copy or write. Because the EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, active exploitation is currently low, but the high CVSS score means significant damage is possible if exploited. Industries processing medical imaging data that import DICOMDIR files with pydicom should consider the risk of arbitrary file access if the library is not updated."}}}}, "created": "2026-03-20T08:53:37.576730+00:00", "updated": "2026-03-25T14:10:09.010408+00:00", "vendors": ["pydicom", "pydicom$PRODUCT$pydicom"]}