Category: Big Data, Security, Vulnerabilities

A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances. The vulnerability, tracked as CVE-2025-30065, is a deserialization issue (CWE-502) in Parquet’s Java library that allows execution of maliciously crafted Parquet files. “This vulnerability can impact data pipelines and analytics systems that import…

Category: Big Data, Security, Vulnerabilities

Big Data, Security, Vulnerabilities, Exploits, Global Security News

Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE

April 4, 2025