CVE-2025-52937 | THREATINT

Description

Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This vulnerability is associated with program files crc32.C. This vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib (WITH_SYSTEM_ZLIB=FALSE).

PUBLISHED Reserved 2025-06-23 | Published 2025-06-23 | Updated 2025-06-23 | Assigner GovTech CSG

LOW: 2.0CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/S:N/AU:N/R:A/V:D/RE:M/U:Green

Product status

Default status

unaffected

Any version before 1.14.0

affected

Credits

TITAN Team (titancaproject@gmail.com) reporter

References

github.com/PointCloudLibrary/pcl/pull/6275 patch third-party-advisory

github.com/...ommit/2f9dc390c6769fbd821fafa0e16f4707ed7c5d79 patch

cve.org (CVE-2025-52937)

nvd.nist.gov (CVE-2025-52937)

Download JSON