Home > Vulnerability Database > CVE-2025-1470

Mend.io Vulnerability Database

CVE-2025-1470

Date: February 21, 2025

In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe functions do not check their return values for NULL memory pointers or for memory allocation failures. This can lead to NULL pointer dereference crashes. Beginning in version 0.5.0, internal OMR consumers of atoe functions handle NULL return values and memory allocation failures correctly.

Severity Score

5.5

Related Resources (5)

Url: https://github.com/eclipse-omr/omr/pull/7663

Url: https://github.com/eclipse-omr/omr/pull/7655

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-1470

Url: https://gitlab.eclipse.org/security/cve-assignement/-/issues/54

Url: https://www.mend.io/vulnerability-database/CVE-2025-1470

Severity Score

5.5

Weakness Type (CWE)

NULL Pointer Dereference

CWE-476

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-1470

Date: February 21, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?