VYPR

Maven package

org.apache.parquet/parquet-avro

pkg:maven/org.apache.parquet/parquet-avro

Vulnerabilities (2)

  • CVE-2025-46762May 6, 2025
    affected < 1.15.2fixed 1.15.2

    Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these p

  • CVE-2025-30065Apr 1, 2025
    affected < 1.15.1fixed 1.15.1

    Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code Users are recommended to upgrade to version 1.15.1, which fixes the issue.