Vulnerability Details CVE-2025-53619
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.The function `null_convert` is called based of the value of the malicious DICOM file specifying the intended interpretation of the image pixel data
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.4%
CVSS Severity
CVSS v3 Score 7.4
Products affected by CVE-2025-53619
-
cpe:2.3:a:malaterre:grassroots_dicom:3.0.24