Vulnerability Details CVE-2025-48429
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.9%
CVSS Severity
CVSS v3 Score 7.4
References
Products affected by CVE-2025-48429
-
cpe:2.3:a:malaterre:grassroots_dicom:3.0.24