Navigation
Search
|
Critical deserialization bug in Apache Parquet allows RCE
Friday April 4, 2025. 10:01 PM , from InfoWorld
A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances.
The vulnerability, tracked as CVE-2025-30065, is a deserialization issue (CWE-502) in Parquet’s Java library that allows execution of maliciously crafted Parquet files. Continue reading on CSOonline.com.
https://www.csoonline.com/article/3954647/big-hole-in-big-data-critical-deserialization-bug-in-apach...
Related News |
25 sources
Current Date
Apr, Mon 7 - 07:13 CEST
|