
    4 vulnerabilities found for orc by apache

    CVE-2025-47436 (GCVE-0-2025-47436)

    Vulnerability from cvelistv5 – Published: 2025-05-14 13:11 – Updated: 2025-05-14 20:58
    Title
    Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression
    Summary
    Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempt to copy 295 bytes into it, causing memory corruption. This issue affects Apache ORC C++ library: through 1.8.8, from 1.9.0 through 1.9.5, from 2.0.0 through 2.0.4, from 2.1.0 through 2.1.1. Users are recommended to upgrade to version 1.8.9, 1.9.6, 2.0.5, and 2.1.2, which fix the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor: Apache Software Foundation
    Product: Apache ORC
    Affected versions (semver):
    • 0 through 1.8.8
    • 1.9.0 through 1.9.5
    • 2.0.0 through 2.0.4
    • 2.1.0 through 2.1.1
    Credits
    Jason Villaluna

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-05-14T13:12:15.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2025/05/13/4"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-47436",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-14T20:57:53.341189Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-14T20:58:23.567Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Apache ORC",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "lessThanOrEqual": "1.8.8",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.9.5",
                  "status": "affected",
                  "version": "1.9.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "2.0.4",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "2.1.1",
                  "status": "affected",
                  "version": "2.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Jason Villaluna"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eHeap-based Buffer Overflow vulnerability in Apache ORC.\u003c/p\u003e\u003cp\u003eA vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory corruption.\u003c/span\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache ORC C++ library: through 1.8.8, from 1.9.0 through 1.9.5, from 2.0.0 through 2.0.4, from 2.1.0 through 2.1.1.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.8.9, 1.9.6, 2.0.5, and 2.1.2, which fix the issue.\u003c/p\u003e"
                }
              ],
              "value": "Heap-based Buffer Overflow vulnerability in Apache ORC.\n\nA vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to\u00a0allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory corruption.\n\nThis issue affects Apache ORC C++ library: through 1.8.8, from 1.9.0 through 1.9.5, from 2.0.0 through 2.0.4, from 2.1.0 through 2.1.1.\n\nUsers are recommended to upgrade to version 1.8.9, 1.9.6, 2.0.5, and 2.1.2, which fix the issue."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/S:N/RE:M/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "MODERATE"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-14T13:11:36.329Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://orc.apache.org/security/CVE-2025-47436/"
            },
            {
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.apache.org/thread/kd6tlv8fs5jybmsgxr4vrkdxyc866wrn"
            }
          ],
          "source": {
            "defect": [
              "ORC-1879"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2025-47436",
        "datePublished": "2025-05-14T13:11:36.329Z",
        "dateReserved": "2025-05-07T05:04:56.166Z",
        "dateUpdated": "2025-05-14T20:58:23.567Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-8015 (GCVE-0-2018-8015)

    Vulnerability from cvelistv5 – Published: 2018-05-18 17:00 – Updated: 2024-09-16 18:44
    Summary
    In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the stack.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    References
    URL | Tags
    https://orc.apache.org/security/CVE-2018-8015/ | x_refsource_CONFIRM
    http://www.securityfocus.com/bid/104215 | vdb-entry, x_refsource_BID
    Impacted products
    Date Public
    2018-05-17 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:46:11.475Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://orc.apache.org/security/CVE-2018-8015/"
              },
              {
                "name": "104215",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/104215"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Apache ORC",
              "vendor": "Apache Software Foundation",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0 to 1.4.3"
                }
              ]
            }
          ],
          "datePublic": "2018-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the stack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-22T09:57:01.000Z",
            "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            "shortName": "apache"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://orc.apache.org/security/CVE-2018-8015/"
            },
            {
              "name": "104215",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/104215"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@apache.org",
              "DATE_PUBLIC": "2018-05-17T00:00:00",
              "ID": "CVE-2018-8015",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Apache ORC",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.0.0 to 1.4.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apache Software Foundation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the stack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://orc.apache.org/security/CVE-2018-8015/",
                  "refsource": "CONFIRM",
                  "url": "https://orc.apache.org/security/CVE-2018-8015/"
                },
                {
                  "name": "104215",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/104215"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "assignerShortName": "apache",
        "cveId": "CVE-2018-8015",
        "datePublished": "2018-05-18T17:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:44:19.917Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-47436 (GCVE-0-2025-47436)

    Vulnerability from nvd – Published: 2025-05-14 13:11 – Updated: 2025-05-14 20:58
    Title
    Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression
    Summary
    Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempt to copy 295 bytes into it, causing memory corruption. This issue affects Apache ORC C++ library: through 1.8.8, from 1.9.0 through 1.9.5, from 2.0.0 through 2.0.4, from 2.1.0 through 2.1.1. Users are recommended to upgrade to version 1.8.9, 1.9.6, 2.0.5, and 2.1.2, which fix the issue.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    Impacted products
    Vendor: Apache Software Foundation
    Product: Apache ORC
    Affected versions (semver):
    • 0 through 1.8.8
    • 1.9.0 through 1.9.5
    • 2.0.0 through 2.0.4
    • 2.1.0 through 2.1.1
    Credits
    Jason Villaluna


    CVE-2018-8015 (GCVE-0-2018-8015)

    Vulnerability from nvd – Published: 2018-05-18 17:00 – Updated: 2024-09-16 18:44
    Summary
    In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the stack.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    References
    URL | Tags
    https://orc.apache.org/security/CVE-2018-8015/ | x_refsource_CONFIRM
    http://www.securityfocus.com/bid/104215 | vdb-entry, x_refsource_BID
    Impacted products
    Date Public
    2018-05-17 00:00
