Skip to main content

Orc

2 CVEs product

Monthly

CVE-2025-47436 MEDIUM This Month

Heap-based Buffer Overflow vulnerability in Apache ORC. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Apache Orc
NVD
CVSS 4.0
6.0
EPSS
0.3%
CVE-2018-8015 Maven HIGH PATCH This Week

In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Apache Buffer Overflow Orc
NVD
CVSS 3.0
7.5
EPSS
3.5%
EPSS 0% CVSS 6.0
MEDIUM This Month

Heap-based Buffer Overflow vulnerability in Apache ORC. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Apache +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Apache Buffer Overflow +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy