CVE-2025-1471

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-1471

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-1471.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-1471

Published

2025-02-21T10:15:11.413Z

Modified

2026-04-10T05:21:58.551914Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows.

References

Affected packages

Git / github.com/eclipse-omr/omr

Affected ranges

Type

GIT

Repo

https://github.com/eclipse-omr/omr

Events

Introduced

b5ef5eda4680b6b5cf0c2f954362f9f47353ce04

Last affected

6bfb20f781c2cf71ad1b55b2774b58a40bb959ff

Database specific

{
    "versions": [
        {
            "introduced": "0.2.0"
        },
        {
            "last_affected": "0.4.0"
        }
    ]
}

Affected versions

omr-0.*

omr-0.2.0

omr-0.3.0

omr-0.4.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-1471.json"