{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32711", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-13T14:33:42.824Z", "datePublished": "2026-03-20T01:26:15.182Z", "dateUpdated": "2026-03-20T16:41:56.917Z"}, "containers": {"cna": {"title": "pydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28"}, {"name": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82", "tags": ["x_refsource_MISC"], "url": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82"}, {"name": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2"}], "affected": [{"vendor": "pydicom", "product": "pydicom", "versions": [{"version": ">= 2.0.0-rc.1, < 3.0.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-20T01:26:15.182Z"}, "descriptions": [{"lang": "en", "value": "pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy(), write(), and remove()+write(use_existing=True) use that unchecked path in file I/O operations. This allows arbitrary file read/copy and, in some flows, move/delete outside the File-set root. This issue has been fixed in version 3.0.2."}], "source": {"advisory": "GHSA-v856-2rf8-9f28", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-20T16:41:24.059218Z", "id": "CVE-2026-32711", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T16:41:56.917Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32711", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-20T16:41:24.059218Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-20T16:41:52.638Z"}}], "cna": {"title": "pydicom: Path traversal in FileSet/DICOMDIR ReferencedFileID allows file access outside the File-set root", "source": {"advisory": "GHSA-v856-2rf8-9f28", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "pydicom", "product": "pydicom", "versions": [{"status": "affected", "version": ">= 2.0.0-rc.1, < 3.0.2"}]}], "references": [{"url": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28", "name": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82", "name": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2", "name": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy(), write(), and remove()+write(use_existing=True) use that unchecked path in file I/O operations. This allows arbitrary file read/copy and, in some flows, move/delete outside the File-set root. This issue has been fixed in version 3.0.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-20T01:26:15.182Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32711", "state": "PUBLISHED", "dateUpdated": "2026-03-20T16:41:56.917Z", "dateReserved": "2026-03-13T14:33:42.824Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-20T01:26:15.182Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy(), write(), and remove()+write(use_existing=True) use that unchecked path in file I/O operations. This allows arbitrary file read/copy and, in some flows, move/delete outside the File-set root. This issue has been fixed in version 3.0.2."}], "id": "CVE-2026-32711", "lastModified": "2026-03-20T13:37:50.737", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-20T02:16:33.600", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/pydicom/pydicom/commit/6414f01a053dff925578799f5a7208d2ae585e82"}, {"source": "security-advisories@github.com", "url": "https://github.com/pydicom/pydicom/releases/tag/v3.0.2"}, {"source": "security-advisories@github.com", "url": "https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.0.0-rc.1,3.0.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "pydicom", "vendor": "pydicom"}], "analysis": {"en": {"generated_at": "2026-03-20T03:31:12.713111+00:00", "value": {"mitigation_remediation": ["Update pydicom to version 3.0.2 or newer, which contains the path\u2011traversal fix."], "summary": {"action": "Apply patch", "impact": "Arbitrary file read/write and deletion outside the intended DICOM file set root"}, "threat_synthesis": {"affected_systems": "The affected product is pydicom (Python DICOM library). Vulnerable releases are 2.0.0\u2011rc.1 through 3.0.1 as specified by the vendor. The issue is fixed in version 3.0.2.", "description_and_impact": "pydicom versions 2.0.0-rc.1 through 3.0.1 have a path\u2011traversal flaw in the handling of the ReferencedFileID field in a DICOMDIR file. The library checks only that the referenced file exists, but does not verify that the resolved path remains within the designated file\u2011set root. This oversight allows an attacker to craft a malicious ReferencedFileID that points to any file on the filesystem. When a public FileSet operation such as copy(), write(), or remove()+write(use_existing=True) is performed, pydicom uses this unchecked path, enabling arbitrary read/copy and, in some code paths, move/delete operations beyond the intended root. The vulnerability corresponds to CWE\u201122 (Path Traversal).", "risk_and_exploitability": "The CVSS base score is 7.8, indicating high severity. Exploit probability is not reported (EPSS not available) and the vulnerability is not listed in CISA\u2019s KEV catalog. Exploitation requires an attacker to supply a malicious DICOMDIR file to an application that imports pydicom. The attack is local to the environment where the library executes; it can lead to confidentiality and integrity compromise by reading or deleting arbitrary system files."}}}}, "created": "2026-03-20T08:53:37.576730+00:00", "updated": "2026-03-20T10:43:30.928888+00:00", "vendors": ["pydicom", "pydicom$PRODUCT$pydicom"]}