Eclipse OMR Buffer Overflow Vulnerability in Port Library Component

Vulnerability

A buffer overflow vulnerability has been identified in the Eclipse OMR port library component, affecting versions since release 0.2.0. The issue arises in an API function that returns the textual names of supported processor features. The function failed to properly account for the separator between features, leading to a potential buffer overflow if the output buffer was incorrectly sized. This vulnerability has been addressed in Eclipse OMR version 0.8.0.
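The sizing mistake described above, as an added C example that is not Eclipse OMR code: the feature names, the separator and all function names are hypothetical. It contrasts a length computed without separators with the correct one, and shows a join routine that checks separator, name and terminator against the remaining space before each copy.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data; names and separator are assumptions. */
static const char *const FEATURES[] = { "fpu", "sse2", "avx", "aes" };
#define N_FEATURES (sizeof FEATURES / sizeof FEATURES[0])
static const char SEP[] = " ";

/* Flawed accounting: sums name lengths plus the NUL, forgets separators. */
size_t needed_without_separators(void) {
    size_t total = 1; /* terminating NUL */
    for (size_t i = 0; i < N_FEATURES; i++)
        total += strlen(FEATURES[i]);
    return total;
}

/* Correct accounting: one separator between each adjacent pair of names. */
size_t needed_with_separators(void) {
    return needed_without_separators() + (N_FEATURES - 1) * (sizeof SEP - 1);
}

/* Hardened join. Returns 0 on success, -1 if buf cannot hold the full list. */
int join_features(char *buf, size_t buflen) {
    size_t used = 0;
    if (buf == NULL || buflen == 0) return -1;
    buf[0] = '\0';
    for (size_t i = 0; i < N_FEATURES; i++) {
        size_t seplen = (i > 0) ? sizeof SEP - 1 : 0;
        size_t namelen = strlen(FEATURES[i]);
        size_t room = buflen - used - 1; /* free bytes, NUL reserved */
        if (seplen > room || namelen > room - seplen) {
            buf[0] = '\0'; /* never hand back a truncated list */
            return -1;
        }
        memcpy(buf + used, SEP, seplen);
        memcpy(buf + used + seplen, FEATURES[i], namelen);
        used += seplen + namelen;
        buf[used] = '\0';
    }
    return 0;
}

int main(void) {
    char buf[32];
    printf("without separators: %zu, with separators: %zu\n",
           needed_without_separators(), needed_with_separators());
    if (join_features(buf, sizeof buf) == 0) puts(buf);
    return 0;
}
```

A caller that sizes its buffer from the first figure is three bytes short for this sample list, which is the gap a per-copy bounds check closes.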

Impact

Exploitation of this vulnerability could overflow the output buffer. Buffer overflows are a common vulnerability class that can be exploited to execute arbitrary code or cause a crash.

Remediation

Users can upgrade to Eclipse OMR version 0.8.0 to address this vulnerability.

Added: Jan 29, 2026, 9:24 AM
Updated: Jan 29, 2026, 5:16 PM

Vulnerability Rating

Custom Algorithm

spread: 5.4
impact: 1.3
exploitability: 4.0
remediation: 7.7
relevance: 2.5
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.