Maven package
org.apache.parquet/parquet-avro
pkg:maven/org.apache.parquet/parquet-avro
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-46762 | — | < 1.15.2 | 1.15.2 | May 6, 2025 | Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these p | ||
| CVE-2025-30065 | — | < 1.15.1 | 1.15.1 | Apr 1, 2025 | Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code Users are recommended to upgrade to version 1.15.1, which fixes the issue. |
- CVE-2025-46762May 6, 2025affected < 1.15.2fixed 1.15.2
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these p
- CVE-2025-30065Apr 1, 2025affected < 1.15.1fixed 1.15.1
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code Users are recommended to upgrade to version 1.15.1, which fixes the issue.