MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
parquet
Recherche

Critical deserialization bug in Apache Parquet allows RCE

vendredi 4 avril 2025, 22:01 , par InfoWorld
A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances.

The vulnerability, tracked as CVE-2025-30065, is a deserialization issue (CWE-502) in Parquet’s Java library that allows execution of maliciously crafted Parquet files.

Continue reading on CSOonline.com.
Lire la suite sur InfoWorld
https://www.csoonline.com/article/3954647/big-hole-in-big-data-critical-deserialization-bug-in-apach...

Voir aussi

parquet CISA extends funding to ensure ‘no lapse in critical CVE services’ OS News16 Apr
allows CISA Extends Funding To Ensure 'No Lapse in Critical CVE Services' Slashdot16 Apr
apache AI for Good: Microsoft’s Critical Support in Mapping Myanmar’s Earthquake Damage eWeek 3 Apr
deserialization Politically motivated DDoS attacks target critical infrastructure BetaNews 2 Apr
critical CrushFTP CEO's feisty response to VulnCheck's CVE for critical make-me-admin bug TheRegister27 Mar
code Critical RCE flaws put Kubernetes clusters at risk of takeover InfoWorld26 Mar
rce Trump Admin Plans to Cut Team Responsible for Critical Atomic Measurement Data Wired: Tech.25 Mar
bug Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist TheRegister20 Mar
parquet French scientist denied entry to US after a search of his phone revealed messages critical of Trump BoingBoing20 Mar
allows IBM scores perfect 10 ... vulnerability in mission-critical OS AIX TheRegister19 Mar
apache FTC Removes Posts Critical of Amazon, Microsoft, and AI Companies Slashdot18 Mar
deserialization FTC Removes Posts Critical of Amazon, Microsoft, and AI Companies Wired: Tech.18 Mar
critical 'Dead simple' hijacking hole in Apache Tomcat 'now actively exploited in the wild' TheRegister18 Mar
code Developer wrote a critical app and forgot where it ran – until it stopped running TheRegister17 Mar
rce Codon Python Compiler Gets Faster - and Changes to Apache 2 License Slashdot16 Mar
bug Meta Stops Ex-Director From Promoting Critical Memoir Slashdot13 Mar
parquet Regulation and its role in protecting critical infrastructure [Q&A] BetaNews12 Mar
allows Choose your own Patch Tuesday adventure: Start with six zero-day fixes, or six critical flaws TheRegister12 Mar
apache Beyond DeepSeek: 3 critical questions for the future of AI BetaNews 7 Mar
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Date Actuelle
dim. 27 avril - 18:18 CEST