Description

Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib.

INFO

Published Date :

2025-05-14T18:06:51.766Z

Last Modified :

2025-05-15T13:47:49.560Z

Source :

GovTech CSG
AFFECTED PRODUCTS

The following products are affected by CVE-2025-4640 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4640.

URL Resource
https://github.com/PointCloudLibrary/pcl/blob/master/surface/CMakeLists.txt#L70 cve-icon cve-icon
https://github.com/PointCloudLibrary/pcl/commit/502bd2b013ce635f21632d523aa8cf2e04f7b7ac cve-icon cve-icon
https://github.com/PointCloudLibrary/pcl/pull/6246 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability