Apache Orc
By the Year
In 2024 there have been 0 vulnerabilities in Apache Orc . Orc did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 7.50 |
It may take a day or so for new Orc vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Orc Security Vulnerabilities
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser
CVE-2018-8015
7.5 - High
- May 18, 2018
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the stack.
Stack Exhaustion
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Orc or by Apache? Click the Watch button to subscribe.
