{"id":5351,"date":"2025-04-06T02:16:25","date_gmt":"2025-04-05T17:16:25","guid":{"rendered":"https:\/\/aireviewirush.com\/?p=5351"},"modified":"2025-04-06T02:16:25","modified_gmt":"2025-04-05T17:16:25","slug":"huge-gap-in-massive-knowledge-aparche-parquet-has-a-ritical-deserialization-bug","status":"publish","type":"post","link":"https:\/\/aireviewirush.com\/?p=5351","title":{"rendered":"Huge gap in massive knowledge: Aparche Parquet has a ritical deserialization bug"},"content":{"rendered":"


\n
\"\"<\/p>\n

\n

Whereas the technical particulars of a possible exploit are but to come back, a particular module, Parquet-avro, throughout the library was found permitting deserialization of untrusted knowledge, enabling execution of codes despatched remotely within the type of crafted Parquet information.<\/p>\n

Any utility or service that makes use of the Java library, together with common big-data frameworks like Hadoop, Spark, and Flink are vulnerable to assaults. The ensuing distant code execution (RCE) on sufferer techniques can permit attackers to take management of the techniques, tamper with or steal knowledge, set up malware, or\/and disrupt companies, Endor labs added.<\/p>\n

No recognized exploits but<\/h2>\n

Neither Endor Labs nor NIST\u2019s NVD<\/a> entry reported any exploit makes an attempt utilizing CVE-2025-30065 as of publication of this text. Apache silently pushed<\/a> a repair with the discharge of 1.15.1 on March 16, 2025, with a GitHub <\/a>redirect to modifications made within the replace.<\/p>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"

Whereas the technical particulars of a possible exploit are but to come back, a particular module, Parquet-avro, throughout the library was found permitting deserialization of untrusted knowledge, enabling execution of codes despatched remotely within the type of crafted Parquet information. Any utility or service that makes use of the Java library, together with common big-data […]<\/p>\n","protected":false},"author":1,"featured_media":5353,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"class_list":{"0":"post-5351","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cloud-computing"},"_links":{"self":[{"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/posts\/5351","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5351"}],"version-history":[{"count":1,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/posts\/5351\/revisions"}],"predecessor-version":[{"id":5352,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/posts\/5351\/revisions\/5352"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/media\/5353"}],"wp:attachment":[{"href":"https:\/\/aireviewirush.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5351"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5351"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5351"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}