PT-2025-26587 · Unknown · Pointcloudlibrary
Titan Team
·
Published
2025-06-23
·
Updated
2025-06-23
·
CVE-2025-52937
CVSS v4.0
2.0
Low
| Vector | AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:D/RE:M/U:Green |
Name of the Vulnerable Software and Affected Versions:
PointCloudLibrary PCL versions prior to 1.14.0
Description:
The issue is related to a memory corruption vulnerability in the Point Cloud Library PCL, specifically in the CRC32 module, associated with the program files crc32.C. This vulnerability is relevant for PCL versions older than 1.14.0 or when the system zlib is not used.
Recommendations:
For versions prior to 1.14.0, update to version 1.14.0 or later to resolve the issue.
As a temporary workaround, consider disabling the use of the CRC32 module until a patch is available.
If the user has specifically requested to not use the system zlib (WITH SYSTEM ZLIB=FALSE), consider changing this setting to TRUE to mitigate the risk.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pointcloudlibrary