Apache Orc

2 CVEs affecting Apache Orc. Latest disclosed: 2025-05-14. Critical: 1, High: 1.

Top CVEs affecting Apache Orc
CVESeverityScorePublishedSummary
CVE-2025-47436Critical9.82025-05-14Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted ma…
CVE-2018-8015High7.52018-05-18In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most li…