VYPR

rpm package

almalinux/orc-compiler

pkg:rpm/almalinux/orc-compiler

Vulnerabilities (2)

  • CVE-2024-40897Jul 26, 2024
    affected < 0.4.28-4.el8_10fixed 0.4.28-4.el8_10

    Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to c

  • CVE-2018-7263CriFeb 20, 2018
    affected < 0.4.28-3.el8fixed 0.4.28-3.el8

    The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: this may overlap CVE-2017-11552.