5 matches found
CVE-2025-47436 Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression
Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory...
CVE-2025-47436 Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression
Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory...
CVE-2025-47436
CVE-2025-47436 (Apache ORC) : A heap-based buffer overflow found in the ORC C++ LZO decompression logic. Malformed ORC files can cause the decompressor to allocate a 250-byte buffer but copy 295 bytes, causing memory corruption. Affected versions (as documented): 1.8.0–1.8.8; 1.9.0–1.9.5; 2.0.0–2...
CVE-2025-47436
Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory...
CVE-2025-47436
creationtimestamp| type| source ---|---|--- 2025-05-13 13:22:14+00:00| seen| https://seclists.org/oss-sec/2025/q2/126 2025-05-13 17:07:43+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lp2xwbnvzs2v 2025-05-13 18:07:08+00:00| seen|...