- Description
- In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows.
- Source
- emo@eclipse.org
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 7.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
🚨 CVE-2025-1471 🔴 HIGH (7.1) 🏢 Eclipse Foundation - Eclipse OMR 🏗️ 0.2.0 🔗 https://t.co/h8YWMuS9c3 🔗 https://t.co/XrPcxLq0ng #CyberCron #VulnAlert https://t.co/kC8P0MZCdd
@cybercronai
21 Feb 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1471 In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and argumen… https://t.co/KzNc67mEch
@CVEnew
21 Feb 2025
249 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:omr:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCEF6A56-762E-4F98-86D7-74720E639B77",
"versionEndIncluding": "0.4.0",
"versionStartIncluding": "0.2.0"
}
],
"operator": "OR"
}
]
}
]