From 42a60619578aeb4d0e03407a58cd4c74b76cbab7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 21 Feb 2025 11:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2025/1xxx/CVE-2025-1470.json | 71 ++++++++++++++++++++++++++++++++++-- 2025/1xxx/CVE-2025-1471.json | 66 +++++++++++++++++++++++++++++++-- 2025/1xxx/CVE-2025-1547.json | 18 +++++++++ 2025/1xxx/CVE-2025-1548.json | 18 +++++++++ 4 files changed, 165 insertions(+), 8 deletions(-) create mode 100644 2025/1xxx/CVE-2025-1547.json create mode 100644 2025/1xxx/CVE-2025-1548.json diff --git a/2025/1xxx/CVE-2025-1470.json b/2025/1xxx/CVE-2025-1470.json index 31d8dde278b..2437b9b23ff 100644 --- a/2025/1xxx/CVE-2025-1470.json +++ b/2025/1xxx/CVE-2025-1470.json @@ -1,18 +1,81 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-1470", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@eclipse.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe functions do not check their return values for NULL memory pointers or for memory allocation failures. This can lead to NULL pointer dereference crashes. Beginning in version 0.5.0, internal OMR consumers of atoe functions handle NULL return values and memory allocation failures correctly." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-476 NULL Pointer Dereference", + "cweId": "CWE-476" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Eclipse Foundation", + "product": { + "product_data": [ + { + "product_name": "Eclipse OMR", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "0.4.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eclipse-omr/omr/pull/7655", + "refsource": "MISC", + "name": "https://github.com/eclipse-omr/omr/pull/7655" + }, + { + "url": "https://github.com/eclipse-omr/omr/pull/7663", + "refsource": "MISC", + "name": "https://github.com/eclipse-omr/omr/pull/7663" + }, + { + "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/54", + "refsource": "MISC", + "name": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/54" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1471.json b/2025/1xxx/CVE-2025-1471.json index ccf5c437f3c..fc8f773283a 100644 --- a/2025/1xxx/CVE-2025-1471.json +++ b/2025/1xxx/CVE-2025-1471.json @@ -1,18 +1,76 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-1471", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@eclipse.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-787 Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Eclipse Foundation", + "product": { + "product_data": [ + { + "product_name": "Eclipse OMR", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0.2.0", + "version_value": "0.4.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eclipse-omr/omr/pull/7658", + "refsource": "MISC", + "name": "https://github.com/eclipse-omr/omr/pull/7658" + }, + { + "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/55", + "refsource": "MISC", + "name": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/55" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1547.json b/2025/1xxx/CVE-2025-1547.json new file mode 100644 index 00000000000..e6cf23d9d7e --- /dev/null +++ b/2025/1xxx/CVE-2025-1547.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1547", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1548.json b/2025/1xxx/CVE-2025-1548.json new file mode 100644 index 00000000000..cdd1e0428c7 --- /dev/null +++ b/2025/1xxx/CVE-2025-1548.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1548", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file