Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-52937
PUBLISHED
More InfoOfficial Page
Assigner-GovTech CSG
Assigner Org ID-1a37b84a-8e51-4525-b3d6-87e2fae01dbd
View Known Exploited Vulnerability (KEV) details
Published At-23 Jun, 2025 | 09:26
Updated At-23 Jun, 2025 | 13:26
Rejected At-
▼CVE Numbering Authority (CNA)
Vulnerability in PointCloudLibrary PCL

Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This vulnerability is associated with program files crc32.C. This vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib (WITH_SYSTEM_ZLIB=FALSE).

Affected Products
Vendor
PointCloudLibrary
Product
pcl
Repo
https://github.com/PointCloudLibrary/pcl
Modules
  • surface/src/3rdparty/opennurbs
Program Files
  • crc32.c
Default Status
unaffected
Versions
Affected
  • From 0 before 1.14.0 (git)
Metrics
VersionBase scoreBase severityVector
4.02.0LOW
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/S:N/AU:N/R:A/V:D/RE:M/U:Green
Version: 4.0
Base score: 2.0
Base severity: LOW
Vector:
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/S:N/AU:N/R:A/V:D/RE:M/U:Green
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
TITAN Team (titancaproject@gmail.com)
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/PointCloudLibrary/pcl/pull/6275
patch
third-party-advisory
https://github.com/PointCloudLibrary/pcl/commit/2f9dc390c6769fbd821fafa0e16f4707ed7c5d79
patch
Hyperlink: https://github.com/PointCloudLibrary/pcl/pull/6275
Resource:
patch
third-party-advisory
Hyperlink: https://github.com/PointCloudLibrary/pcl/commit/2f9dc390c6769fbd821fafa0e16f4707ed7c5d79
Resource:
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-494CWE-494 Download of Code Without Integrity Check
Type: CWE
CWE ID: CWE-494
Description: CWE-494 Download of Code Without Integrity Check
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found