CVE-2025-1470— Eclipse OMR: Null pointer dereference vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-1470
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Eclipse OMR: Null pointer dereference vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe functions do not check their return values for NULL memory pointers or for memory allocation failures. This can lead to NULL pointer dereference crashes. Beginning in version 0.5.0, internal OMR consumers of atoe functions handle NULL return values and memory allocation failures correctly.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
空指针解引用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Eclipse OMR 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Eclipse OMR是Eclipse基金会的一款用于构建语言运行时环境的开源工具包。 Eclipse OMR存在安全漏洞,该漏洞源于一些OMR内部端口库和实用程序消费者不检查空内存指针或内存分配失败的返回值,可能导致空指针取消引用引发的崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Eclipse Foundation | Eclipse OMR | 0 ~ 0.4.0 | - |
II. Public POCs for CVE-2025-1470
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-1470
请登录查看更多情报信息。
Same Patch Batch · Eclipse Foundation · 2025-02-21 · 5 CVEs total
| CVE-2025-1471 | Eclipse OMR: Buffer overflow vulnerability | |
| CVE-2025-0727 | Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow | |
| CVE-2025-0728 | Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow | |
| CVE-2025-0726 | Eclipse ThreadX NetX Duo HTTP server denial of service |
IV. Related Vulnerabilities
Same weakness: CWE-476
- CVE-2026-8252
Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer - CVE-2026-7259
Null pointer dereference in php_mb_check_encoding() via mb_e - CVE-2026-7262
NULL pointer dereference in SOAP apache:Map decoder with mis - CVE-2026-42183
Argo Workflows: SSO RBAC Delegation Nil Pointer Dereference - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error
V. Comments for CVE-2025-1470
No comments yet