Orc
Monthly
Heap-based Buffer Overflow vulnerability in Apache ORC. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Heap-based Buffer Overflow vulnerability in Apache ORC. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.