Filtered by vendor Malaterre
Subscribe
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-48429 | 1 Malaterre | 1 Grassroots Dicom | 2026-01-07 | N/A | 7.4 HIGH |
| An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2025-53618 | 1 Malaterre | 1 Grassroots Dicom | 2026-01-02 | N/A | 7.4 HIGH |
| An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.The function `grayscale_convert` is called based of the value of the malicious DICOM file specifying the intended interpretation of the image pixel data | |||||
| CVE-2025-53619 | 1 Malaterre | 1 Grassroots Dicom | 2026-01-02 | N/A | 7.4 HIGH |
| An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.The function `null_convert` is called based of the value of the malicious DICOM file specifying the intended interpretation of the image pixel data | |||||
| CVE-2025-52582 | 1 Malaterre | 1 Grassroots Dicom | 2026-01-02 | N/A | 7.4 HIGH |
| An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-22391 | 2 Fedoraproject, Malaterre | 2 Fedora, Grassroots Dicom | 2025-12-16 | N/A | 7.7 HIGH |
| A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-22373 | 2 Fedoraproject, Malaterre | 2 Fedora, Grassroots Dicom | 2025-12-16 | N/A | 8.1 HIGH |
| An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-25569 | 2 Fedoraproject, Malaterre | 2 Fedora, Grassroots Dicom | 2025-11-04 | N/A | 6.5 MEDIUM |
| An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2015-8397 | 1 Malaterre | 1 Grassroots Dicom | 2025-08-21 | 6.4 MEDIUM | 8.2 HIGH |
| The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded JPEG-LS image with dimensions larger than the selected region in a (1) two-dimensional or (2) three-dimensional DICOM image file, which triggers an out-of-bounds read. | |||||
| CVE-2015-8396 | 1 Malaterre | 1 Grassroots Dicom | 2025-08-21 | 10.0 HIGH | 10.0 CRITICAL |
| Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow. | |||||