CVE Daily

CVE-2025-30065

Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous ...

Critical CVSS 9.8

Overview

Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code


Users are recommended to upgrade to version 1.15.1, which fixes the issue.

CWE: CWE-502 Published: 2025-04-01T08:15:15.283
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: apache, rce (tag impact: VERY HIGH)

Recommended actions:

  • Patch/upgrade immediately (remote code execution).
  • Reduce exposure (WAF/segmentation), minimize attack surface.

Recommended tools

Tags