An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.CreditsDiscovered by Emmanuel Tacheau of Cisco Talos.Referenceshttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2214
