{"id":"CVE-2025-4640","details":"Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib.","modified":"2026-04-12T18:19:44.869596Z","published":"2025-05-14T19:15:53.557Z","references":[{"type":"WEB","url":"https://github.com/PointCloudLibrary/pcl/blob/master/surface/CMakeLists.txt#L70"},{"type":"FIX","url":"https://github.com/PointCloudLibrary/pcl/commit/502bd2b013ce635f21632d523aa8cf2e04f7b7ac"},{"type":"FIX","url":"https://github.com/PointCloudLibrary/pcl/pull/6246"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pointcloudlibrary/pcl","events":[{"introduced":"0"},{"fixed":"502bd2b013ce635f21632d523aa8cf2e04f7b7ac"}]}],"versions":["pcl-1.0-ros","pcl-1.10.0","pcl-1.10.1","pcl-1.11.0","pcl-1.11.1","pcl-1.11.1-rc1","pcl-1.11.1-rc2","pcl-1.12.0","pcl-1.12.0-rc1","pcl-1.12.1","pcl-1.13.0","pcl-1.13.0-rc1","pcl-1.8.0","pcl-1.8.0rc1","pcl-1.8.0rc2","pcl-1.9.0","pcl-1.9.1"],"database_specific":{"vanir_signatures":[{"target":{"file":"surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h"},"source":"https://github.com/pointcloudlibrary/pcl/commit/502bd2b013ce635f21632d523aa8cf2e04f7b7ac","signature_version":"v1","deprecated":false,"id":"CVE-2025-4640-896ffc9a","signature_type":"Line","digest":{"line_hashes":["142507249250011048393637035603308527531","183792250313666141464654538174142285961","322051085261934477892702746723805144375","9645395726226507733371715164106126177"],"threshold":0.9}},{"target":{"file":"surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp"},"source":"https://github.com/pointcloudlibrary/pcl/commit/502bd2b013ce635f21632d523aa8cf2e04f7b7ac","signature_version":"v1","deprecated":false,"id":"CVE-2025-4640-ee2f2f5d","signature_type":"Line","digest":{"line_hashes":["136782776953135412937467136059416465158","110458794268363846693089669238631539255","263354597587748154763020415750074237993","223821636524468299286273832382372485888","279542666357318067735418905776482282396","227309763869449294412943433381806967990","300024253196399538696656521684273235706","20525459871724096279244981191323258620","307797107683726936971583923656594890370"],"threshold":0.9}}],"vanir_signatures_modified":"2026-04-12T18:19:44Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-4640.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:L/U:Amber"}]}