CVE-2025-48429
Published 2025-12-16
CVE-2025-48429: An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to…
Priority: P348 · Severity: critical · Score: 9.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS: 0.29% (21.1st percentile)
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gdcm | — | — |
| grassroot_dicom | grassroot_dicom | — | — |
| malaterre | grassroots_dicom | — | — |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
| osv | 9.1 | CRITICAL | — |
| vendor_debian | 7.4 | HIGH | — |
Debian
CVE-2025-48429: gdcm - An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams func...
vendor_debian·2025·CVSS 7.4
CVE-2025-48429 [HIGH] CVE-2025-48429: gdcm - An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams func...
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.
Scope: local
- bookworm: open
- bullseye: open
- forky: open
- sid: open
- trixie: open
GHSA
GHSA-7rw8-4p59-vgjq: An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3
ghsa_unreviewed·2025-12-17
CVE-2025-48429 [HIGH] CWE-119 GHSA-7rw8-4p59-vgjq: An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.
OSV
CVE-2025-48429: An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3
osv·2025-12-16·CVSS 9.1
CVE-2025-48429 [CRITICAL] CVE-2025-48429: An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.
No detection rules found.
No public exploits indexed.
Talos
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities
blogs_talos·2025-12-17·CVSS 7.4
[HIGH] Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy, except for Grassroot, as the DiCoM vulnerabilities are zero-days.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.
## Libbiosig vulnerability
Discovered by Mark Bereza of Cisco Talos.
BioSig is an open source software library for biomedical signal processing. The BioSig Project seeks to encourage resear
Wiz
CVE-2025-48429 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.4
CVE-2025-48429 [HIGH] CVE-2025-48429 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-48429 :
Linux Debian vulnerability analysis and mitigation
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.
Source : NVD
Score: 9.1
Published: December 16, 2025
Severity: CRITICAL
CNA Score: 7.4
Affected Technologies
Linux Debian
Echo
Has Public Exploit: Yes
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 17.8
Exploitation Probability (EPSS): 0.1
Affected packages and libraries
gdcm
Sources
NVD
Debian 11, 12, 13 Severity MEDIUM No Fix Added at: Dec 18, 2025
Debian 14 Severity CRITICAL No Fix A
Published: 2025-12-16