PT-2025-21225 · Unknown+1 · Pointcloudlibrary+1
Titan Team
·
Published
2025-05-14
·
Updated
2025-05-15
·
CVE-2025-4640
CVSS v4.0
8.3
High
| Vector | AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:L/U:Amber |
Name of the Vulnerable Software and Affected Versions:
PointCloudLibrary versions prior to 1.14.0
Description:
The issue is an Out-of-bounds Write vulnerability in PointCloudLibrary, allowing Overflow Buffers due to a zlib issue. This vulnerability is relevant for versions older than 1.14.0 or if the user specifically requests to not use the system zlib.
Recommendations:
For versions prior to 1.14.0, update to version 1.14.0 or later to mitigate the vulnerability. As a temporary workaround, consider disabling the use of the vulnerable zlib component until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the vulnerable function related to zlib until the issue is resolved.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pointcloudlibrary
Zlib