Astra Linux - уязвимость в orc

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

AZL-47050 CVE-2024-40897 affecting package orc 0.4.31-4

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

Advisory ROSA-SA-2021-1941

Software: orc 0.4.26 OS: Cobalt 7.9 CVE-ID: CVE-2018-8015 CVE-Crit: HIGH CVE-DESC: In Apache ORC 1.0.0-1.4.3, a corrupted ORC file can trigger an infinitely recursive function call in a C ++ or Java parser. The consequence of this error is likely to be a denial of service for software that uses t...

Stack overflow

In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the...

CVE-2018-8015

In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the...