QwikSec

Security Database

CVE

CWE

Training

CVE-2025-1470

Published: Feb 21, 2025

Modified: Feb 21, 2025

PUBLISHED

Description

In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe functions do not check their return values for NULL memory pointers or for memory allocation failures. This can lead to NULL pointer dereference crashes. Beginning in version 0.5.0, internal OMR consumers of atoe functions handle NULL return values and memory allocation failures correctly.

Vendor	Product	Versions
Eclipse Foundation	Eclipse OMR	affected `0 - <= 0.4.0`

Weaknesses (CWE)

References

https://github.com/eclipse-omr/omr/pull/7655

https://github.com/eclipse-omr/omr/pull/7663

https://gitlab.eclipse.org/security/cve-assignement/-/issues/54

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2025-1470 - Security Vulnerability | QwikSec