Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-1470
Analyzed
More InfoOfficial Page
Source-emo@eclipse.org
View Known Exploited Vulnerability (KEV) details
Published At-21 Feb, 2025 | 10:15
Updated At-05 Mar, 2025 | 18:54

In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe functions do not check their return values for NULL memory pointers or for memory allocation failures. This can lead to NULL pointer dereference crashes. Beginning in version 0.5.0, internal OMR consumers of atoe functions handle NULL return values and memory allocation failures correctly.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.1MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Eclipse Foundation AISBL
eclipse
>>omr>>Versions up to 0.4.0(inclusive)
cpe:2.3:a:eclipse:omr:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-476Secondaryemo@eclipse.org
CWE-476Secondarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/eclipse-omr/omr/pull/7655emo@eclipse.org
Patch
https://github.com/eclipse-omr/omr/pull/7663emo@eclipse.org
Patch
https://gitlab.eclipse.org/security/cve-assignement/-/issues/54emo@eclipse.org
Issue Tracking
Vendor Advisory
Change History
0Changes found
Details not found