Improper Pointer Arithmetic Vulnerability in PointCloudLibrary Affecting zlib
CVE-2025-4638

9.2CRITICAL

Key Information:

Vendor: Pointcloudlibrary
Status: Pcl
Vendor: CVE Published:; 14 May 2025

🔔 Create Pointcloudlibrary Vulnerability Alert

What is CVE-2025-4638?

A vulnerability has been identified in the inftrees.c component of the zlib library integrated within the PointCloudLibrary (PCL). This flaw may allow context-dependent attackers to exploit improper pointer arithmetic, potentially leading to undefined behavior within applications utilizing affected versions of PCL. The vulnerability is particularly impactful for users operating on PCL versions prior to 1.14.0 or those who disable system zlib integration. It is vital for users to upgrade to secure versions of PointCloudLibrary to mitigate potential risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

pcl 0

References

https://github.com/PointCloudLibrary/pcl/pull/6245

patch

https://github.com/PointCloudLibrary/pcl/blob/master/surf...

https://github.com/PointCloudLibrary/pcl/commit/502bd2b01...

CVSS V4

Score:

9.2

Severity:

CRITICAL

Confidentiality:

Low

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
May 14, 2025
Vulnerability Reserved
May 13, 2025

Credit

TITAN Team (titancaproject@gmail.com)

JSON

Pointcloudlibrary