Release date: March 1, 2024


CVE-2024-25386 was posted to by an independent submission to Mitre on March 1, 2024.


This CVE identifies a potential vulnerability in a DCF (DICOM Connectivity Framework) library utility support file that was included with a DCF Solaris (SunOS 5.8 Sparc) C++ library release (v2.7.6) from Laurel Bridge Software in 2004.

Risk Summary

No users of current products from Laurel Bridge Software should be affected by this CVE.

This version of the DCF library is not part of any of Laurel Bridge Software’s current commercial products and this, now 20-year-old, utility file is not part of any current DCF library releases.

  • The last release of the DCF C++ library for Solaris was in 2004 and has reached end-of-life.
  • It is no longer supported and is not subject to security updates, patches, or bug fixes.
  • It is not sold or included in any other known current commercial products.


Anyone who may be using this version of the file cited in the CVE should upgrade or update to a product using a supported version of the DCF library or ensure that the affected system is secure.


Laurel Bridge will continue to investigate this report and will provide additional updates as appropriate.

Please contact if you have specific concerns regarding LBS products.

Download as PDF