VulnerableCode Package Details - pkg:deb/debian/gdcm@2.4.4-3

Search for packages

Vulnerability	Summary	Fixed by
VCID-f2hr-w48s-k3ha Aliases: CVE-2015-8396	Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow.	2.6.6-3 Affected by 0 other vulnerabilities.
VCID-fz53-7wyn-qubv Aliases: CVE-2015-8397	The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded JPEG-LS image with dimensions larger than the selected region in a (1) two-dimensional or (2) three-dimensional DICOM image file, which triggers an out-of-bounds read.	2.6.6-3 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-f2hr-w48s-k3ha
Aliases:
CVE-2015-8396

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow.

2.6.6-3
Affected by 0 other vulnerabilities.

VCID-fz53-7wyn-qubv
Aliases:
CVE-2015-8397

The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded JPEG-LS image with dimensions larger than the selected region in a (1) two-dimensional or (2) three-dimensional DICOM image file, which triggers an out-of-bounds read.

2.6.6-3
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T16:29:53.010011+00:00	Debian Oval Importer	Affected by	VCID-fz53-7wyn-qubv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:43:49.599909+00:00	Debian Oval Importer	Affected by	VCID-f2hr-w48s-k3ha	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T16:17:00.400749+00:00	Debian Oval Importer	Affected by	VCID-fz53-7wyn-qubv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:31:35.650606+00:00	Debian Oval Importer	Affected by	VCID-f2hr-w48s-k3ha	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T16:09:10.162359+00:00	Debian Oval Importer	Affected by	VCID-fz53-7wyn-qubv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:25:48.408502+00:00	Debian Oval Importer	Affected by	VCID-f2hr-w48s-k3ha	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0