Skip to main content

Omr

3 CVEs product

Monthly

CVE-2026-1188 CRITICAL PATCH Act Now

Buffer size miscalculation in Eclipse OMR port library since 0.2.0. An API function returning processor feature names has incorrect size allocation. Patch available.

Buffer Overflow Omr Suse
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-1471 HIGH PATCH This Week

In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Omr
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2025-1470 MEDIUM PATCH This Month

In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe functions do not check their return values for NULL memory pointers. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Omr
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Buffer size miscalculation in Eclipse OMR port library since 0.2.0. An API function returning processor feature names has incorrect size allocation. Patch available.

Buffer Overflow Omr Suse
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Omr
NVD GitHub
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe functions do not check their return values for NULL memory pointers. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Omr
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy