Navigation
Recherche
|
Critical deserialization bug in Apache Parquet allows RCE
vendredi 4 avril 2025, 22:01 , par InfoWorld
A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances.
The vulnerability, tracked as CVE-2025-30065, is a deserialization issue (CWE-502) in Parquet’s Java library that allows execution of maliciously crafted Parquet files. Continue reading on CSOonline.com.
https://www.csoonline.com/article/3954647/big-hole-in-big-data-critical-deserialization-bug-in-apach...
Voir aussi |
56 sources (32 en français)
Date Actuelle
dim. 6 avril - 09:16 CEST
|