[oss-security] CVE-2025-47436: Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression

https://seclists.org/oss-sec/2025/q2/126

"malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it"