MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
parquet
Search

Critical deserialization bug in Apache Parquet allows RCE

Friday April 4, 2025. 10:01 PM , from InfoWorld
A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances.

The vulnerability, tracked as CVE-2025-30065, is a deserialization issue (CWE-502) in Parquet’s Java library that allows execution of maliciously crafted Parquet files.

Continue reading on CSOonline.com.
https://www.csoonline.com/article/3954647/big-hole-in-big-data-critical-deserialization-bug-in-apach...

Related News

News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Apr, Mon 7 - 07:13 CEST