CVE-2025-52937

Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This vulnerability is associated with program files crc32.C. This vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib (WITH_SYSTEM_ZLIB=FALSE).

CVSS

No CVSS.

References

Link	Resource
https://github.com/PointCloudLibrary/pcl/commit/2f9dc390c6769fbd821fafa0e16f4707ed7c5d79
https://github.com/PointCloudLibrary/pcl/pull/6275

Configurations

No configuration.

History

23 Jun 2025, 14:15

Type	Values Removed	Values Added
CWE		CWE-494

23 Jun 2025, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-23 10:15

Updated : 2025-06-23 20:16

NVD link : CVE-2025-52937

Mitre link : CVE-2025-52937

CVE.ORG link : CVE-2025-52937

JSON object : View

Products Affected

No product.

CWE

CWE-494

Download of Code Without Integrity Check

{"id": "CVE-2025-52937", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "cve_disclosure@tech.gov.sg", "cvssData": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 2.0, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "LOW", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:D/RE:M/U:Green", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "GREEN", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-23T10:15:27.717", "references": [{"url": "https://github.com/PointCloudLibrary/pcl/commit/2f9dc390c6769fbd821fafa0e16f4707ed7c5d79", "source": "cve_disclosure@tech.gov.sg"}, {"url": "https://github.com/PointCloudLibrary/pcl/pull/6275", "source": "cve_disclosure@tech.gov.sg"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-494"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This vulnerability is associated with program files crc32.C.\n\nThis vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib (WITH_SYSTEM_ZLIB=FALSE)."}], "lastModified": "2025-06-23T20:16:21.633", "sourceIdentifier": "cve_disclosure@tech.gov.sg"}

CVE-2025-52937

JSON object

Attach tags to CVE-2025-52937

Attach tags to `CVE-2025-52937`