Back to search
CVE-2018-8015
Published: May 18, 2018
Modified: Sep 16, 2024
PUBLISHED
Description
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the stack.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache ORC | affected 1.0.0 to 1.4.3 |
References
https://orc.apache.org/security/CVE-2018-8015/
x_refsource_CONFIRM
104215
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now