CVE-2025-48429

An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.

Published Dec 17, 2025

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2214

CVSS ScoreCritical

9.1

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-48429

An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.

Published Dec 17, 2025

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2214

CVSS ScoreCritical

9.1


conan	gdcm	3.0.24
rpm	gdcm	3.0.24-4.el10_0

Ecosystem	Package	Version


conan	gdcm	3.0.24
rpm	gdcm	3.0.24-4.el10_0

Find vulnerabilities. Fix fast with AI.

CVE-2025-48429

CVE-2025-48429