Apache Parquet Java vulnerabilities
2 known vulnerabilities affecting apache/parquet_java.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-30065P2CRITICALCVSS 9.8fixed in 1.15.12025-04-01
CVE-2025-30065 [CRITICAL] CWE-502 CVE-2025-30065: Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code
Users are recommended to upgrade to version 1.15.1, which fixes the issue.
nvd
CVE-2021-41561P3HIGHCVSS 7.5fixed in 1.11.2≥ 1.12.0, < 1.12.22021-12-20
CVE-2021-41561 [HIGH] CWE-20 CVE-2021-41561: Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by
Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions.
nvd