Vulnerabilities > CVE-2025-1471

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2025-02-21

Updated: 2025-03-05

Summary

In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows.

References

https://github.com/eclipse-omr/omr/pull/7658
https://gitlab.eclipse.org/security/cve-assignement/-/issues/55

Vulnerabilities > CVE-2025-1471 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2025-1471"}]}

Summary

References

Vulnerabilities > CVE-2025-1471