MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
parquet
Recherche

Critical deserialization bug in Apache Parquet allows RCE

vendredi 4 avril 2025, 22:01 , par InfoWorld
A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances.

The vulnerability, tracked as CVE-2025-30065, is a deserialization issue (CWE-502) in Parquet’s Java library that allows execution of maliciously crafted Parquet files.

Continue reading on CSOonline.com.
Lire la suite sur InfoWorld
https://www.csoonline.com/article/3954647/big-hole-in-big-data-critical-deserialization-bug-in-apach...

Voir aussi

parquet AI for Good: Microsoft’s Critical Support in Mapping Myanmar’s Earthquake Damage eWeek 3 Apr
allows Politically motivated DDoS attacks target critical infrastructure BetaNews 2 Apr
apache CrushFTP CEO's feisty response to VulnCheck's CVE for critical make-me-admin bug TheRegister27 Mar
deserialization Critical RCE flaws put Kubernetes clusters at risk of takeover InfoWorld26 Mar
critical Trump Admin Plans to Cut Team Responsible for Critical Atomic Measurement Data Wired: Tech.25 Mar
code Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist TheRegister20 Mar
rce French scientist denied entry to US after a search of his phone revealed messages critical of Trump BoingBoing20 Mar
bug IBM scores perfect 10 ... vulnerability in mission-critical OS AIX TheRegister19 Mar
parquet FTC Removes Posts Critical of Amazon, Microsoft, and AI Companies Slashdot18 Mar
allows FTC Removes Posts Critical of Amazon, Microsoft, and AI Companies Wired: Tech.18 Mar
apache 'Dead simple' hijacking hole in Apache Tomcat 'now actively exploited in the wild' TheRegister18 Mar
deserialization Developer wrote a critical app and forgot where it ran – until it stopped running TheRegister17 Mar
critical Codon Python Compiler Gets Faster - and Changes to Apache 2 License Slashdot16 Mar
code Meta Stops Ex-Director From Promoting Critical Memoir Slashdot13 Mar
rce Regulation and its role in protecting critical infrastructure [Q&A] BetaNews12 Mar
bug Choose your own Patch Tuesday adventure: Start with six zero-day fixes, or six critical flaws TheRegister12 Mar
parquet Beyond DeepSeek: 3 critical questions for the future of AI BetaNews 7 Mar
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Date Actuelle
dim. 6 avril - 09:16 CEST