April 4, 2025 By Pierluigi Paganini
Experts warn of a critical vulnerability impacting Apache Parquet’s Java Library that could allow remote code execution.
Apache Parquet’s Java Library is a software library for reading and writing Parquet files in the Java programming language. Parquet is a columnar storage file format that is optimized for use with large-scale data processing frameworks, such as Apache Hadoop, Apache Spark, and Apache Drill.
Experts disclosed a critical vulnerability, tracked as CVE-2025-30065 (CVSS score of 10.0), impacting Apache Parquet’s Java Library that could allow remote code execution
“Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code” reads the advisory.
