CNNVD-202512-2772 Information
Dec 16, 2025
cve
CNNVD ID
CNNVD-202512-2772
Related CVE
- CNNVD Published: 2025-12-16
Description (Chinese)
Grassroot DICOM是Sourceforge开源的一个用于 DICOM 医学文件的 C++ 库。 Grassroot DICOM 3.024版本存在缓冲区错误漏洞,该漏洞源于JPEGBITSCodec解码功能存在越界读取,可能导致信息泄露。
Description (English)
Grassroot DICOM is a C++ library for DICOM medical documents from the open source of SourceForge. The version of Grassroot DICOM 3.024 contains an error loophole in the buffer zone, which stems from a cross-border reading of the JPEGIBITSCODEC decoder function, which could lead to the disclosure of information.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
Sourceforge
Published
2025-12-16
Last Modified
2026-02-24
References
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2210
Patch
https://sourceforge.net/projects/gdcm/
Share on: