{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T23:25:58.158","vulnerabilities":[{"cve":{"id":"CVE-2025-1471","sourceIdentifier":"emo@eclipse.org","published":"2025-02-21T10:15:11.413","lastModified":"2025-03-05T19:06:42.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z\/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs.  Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows."},{"lang":"es","value":"En las versiones 0.2.0 a 0.4.0 de Eclipse OMR, algunas de las funciones de impresión de z\/OS atoe utilizan un búfer de longitud constante para la conversión de cadenas. Si la cadena de formato de entrada y los argumentos son más grandes que el tamaño del búfer, se produce un desbordamiento del búfer. A partir de la versión 0.5.0, los búferes de conversión tienen el tamaño correcto y se verifican adecuadamente para evitar desbordamientos del búfer."}],"metrics":{"cvssMetricV40":[{"source":"emo@eclipse.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0\/AV:L\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N\/E:X\/CR:X\/IR:X\/AR:X\/MAV:X\/MAC:X\/MAT:X\/MPR:X\/MUI:X\/MVC:X\/MVI:X\/MVA:X\/MSC:X\/MSI:X\/MSA:X\/S:X\/AU:X\/R:X\/V:X\/RE:X\/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"emo@eclipse.org","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eclipse:omr:*:*:*:*:*:*:*:*","versionStartIncluding":"0.2.0","versionEndIncluding":"0.4.0","matchCriteriaId":"BCEF6A56-762E-4F98-86D7-74720E639B77"}]}]}],"references":[{"url":"https:\/\/github.com\/eclipse-omr\/omr\/pull\/7658","source":"emo@eclipse.org","tags":["Patch","Vendor Advisory"]},{"url":"https:\/\/gitlab.eclipse.org\/security\/cve-assignement\/-\/issues\/55","source":"emo@eclipse.org","tags":["Issue Tracking","Vendor Advisory"]}]}}]}