High severityNVD Advisory· Published Dec 20, 2021· Updated Aug 4, 2024

Apache Parquet-MR potential DoS in case of malicious Parquet file

CVE-2021-41561

Description

Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
org.apache.parquet:parquetMaven	>= 1.12.0, < 1.12.2	1.12.2
org.apache.parquet:parquetMaven	< 1.11.2	1.11.2

Affected products

ghsa-coords
pkg:maven/org.apache.parquet/parquet
Range: >= 1.12.0, < 1.12.2
Apache Software Foundation/Apache Parquetv5
Range: 1.9.0

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-gc67-crq6-hgh5ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2021-41561ghsaADVISORY
www.openwall.com/lists/oss-security/2021/12/20/1ghsamailing-listx_refsource_MLISTWEB
lists.apache.org/thread/1bjlscbqtfzl160hrm9lnpjpppp5z3zrghsax_refsource_MISCWEB

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000