Apache Orc
2 CVEs affecting Apache Orc. Latest disclosed: 2025-05-14. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-47436 | Critical | 9.8 | 2025-05-14 | Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted ma… |
CVE-2018-8015 | High | 7.5 | 2018-05-18 | In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most li… |