Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.orc/orc@1.4.4

Type maven

Namespace org.apache.orc

Name orc

Version 1.4.4

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-y7vw-767k-4kfv

vulnerability_id VCID-y7vw-767k-4kfv

summary

Improper Restriction of Operations within the Bounds of a Memory Buffer
In Apache ORC malformed ORC file can trigger an endlessly recursive function call in the Java parser.

references

reference_url	http://www.securityfocus.com/bid/104215
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/104215

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2018-8015
reference_id	CVE-2018-8015
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2018-8015

reference_url	https://orc.apache.org/security/CVE-2018-8015/
reference_id	CVE-2018-8015
reference_type
scores
url	https://orc.apache.org/security/CVE-2018-8015/

fixed_packages

url	pkg:maven/org.apache.orc/orc@1.4.4
purl	pkg:maven/org.apache.orc/orc@1.4.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.orc/orc@1.4.4

aliases CVE-2018-8015

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7vw-767k-4kfv

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.orc/orc@1.4.4

Package Instance