CVE-2025-52937

NameCVE-2025-52937
DescriptionVulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This vulnerability is associated with program files crc32.C. This vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib (WITH_SYSTEM_ZLIB=FALSE).
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
pcl (PTS)bullseye1.11.1+dfsg-1fixed
bookworm1.13.0+dfsg-3fixed
forky, sid, trixie1.15.0+dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
pclsource(unstable)(not affected)

Notes

- pcl <not-affected> (PCL in Debian uses the system copy of zlib)
Search for package or bug name: Reporting problems