QwikSec

Security Database

CVE

CWE

Training

CVE-2025-4640

Published: May 14, 2025

Modified: May 15, 2025

PUBLISHED

Description

Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib.

Vendor	Product	Versions
PointCloudLibrary	pcl	affected `0 - < <1.15.0`

Weaknesses (CWE)

References

https://github.com/PointCloudLibrary/pcl/pull/6246

patch

https://github.com/PointCloudLibrary/pcl/blob/master/surface/CMakeLists.txt#L70

https://github.com/PointCloudLibrary/pcl/commit/502bd2b013ce635f21632d523aa8cf2e04f7b7ac

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.