Fluid Attacks Database

Description

An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version
debian 11	gdcm	=3.0.10-1 \|\| =3.0.10-1~bpo11+1 \|\| =3.0.11-1 \|\| =3.0.12-1 \|\| =3.0.13-1 \|\| =3.0.13-2 \|\| =3.0.13-2~bpo11+1 \|\| =3.0.13-3 \|\| =3.0.14-1 \|\| =3.0.16-1 \|\| =3.0.17-1 \|\| =3.0.17-1~bpo11+1 \|\| =3.0.17-2 \|\| =3.0.17-3 \|\| =3.0.17-4 \|\| =3.0.17-4~bpo11+1 \|\| =3.0.17-5 \|\| =3.0.20-1 \|\| =3.0.20-2 \|\| =3.0.20-3 \|\| =3.0.20-3+hurd.1 \|\| =3.0.21-1 \|\| =3.0.21-2 \|\| =3.0.22-1 \|\| =3.0.22-2 \|\| =3.0.22-2.1 \|\| =3.0.22-2.1~exp1 \|\| =3.0.22-3 \|\| =3.0.24-1 \|\| =3.0.24-1+hurd.1 \|\| =3.0.24-2 \|\| =3.0.24-3 \|\| =3.0.24-3+hurd.1 \|\| =3.0.24-4 \|\| =3.0.24-5 \|\| =3.0.24-5+hurd.1 \|\| =3.0.24-5+hurd.2 \|\| =3.0.24-6 \|\| =3.0.24-7 \|\| =3.0.24-8 \|\| =3.0.24-9 \|\| =3.0.8-2 \|\| =3.0.8-3 \|\| =3.0.8-4
debian 13	gdcm	=3.0.24-5 \|\| =3.0.24-5+hurd.1 \|\| =3.0.24-5+hurd.2 \|\| =3.0.24-6 \|\| =3.0.24-7 \|\| =3.0.24-8 \|\| =3.0.24-9
debian 12	gdcm	=3.0.21-1 \|\| =3.0.21-2 \|\| =3.0.22-1 \|\| =3.0.22-2 \|\| =3.0.22-2.1 \|\| =3.0.22-2.1~exp1 \|\| =3.0.22-3 \|\| =3.0.24-1 \|\| =3.0.24-1+hurd.1 \|\| =3.0.24-2 \|\| =3.0.24-3 \|\| =3.0.24-3+hurd.1 \|\| =3.0.24-4 \|\| =3.0.24-5 \|\| =3.0.24-5+hurd.1 \|\| =3.0.24-5+hurd.2 \|\| =3.0.24-6 \|\| =3.0.24-7 \|\| =3.0.24-8 \|\| =3.0.24-9
debian 14	gdcm	=3.0.24-5 \|\| =3.0.24-5+hurd.1 \|\| =3.0.24-5+hurd.2 \|\| =3.0.24-6 \|\| =3.0.24-7 \|\| =3.0.24-8 \|\| =3.0.24-9

Aliases

1. CVE-2025-484292. NVD-2025-484293. OSV-DEBIAN-2025-484294. OSV-2025-484295. SECURITY-TRACKER-CVE-2025-48429

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.