A critical vulnerability, tracked as CVE-2025-30065, has been identified in the parquet-avro module of Apache Parquet's Java library (parquet-java), affecting version 1.15.0 and earlier. Schema parsing in that module deserializes untrusted data taken from the Avro schema embedded in a Parquet file's metadata, so an attacker who can get a specially crafted Parquet file read by a vulnerable application can execute arbitrary code in that application's process.
The impact is severe for any application or service that reads Parquet files with this library, which includes the major big-data frameworks Hadoop, Spark and Flink. The precondition matters for triage: the attacker must be able to supply a file that the victim parses with parquet-avro, which is typical of data pipelines that ingest files from external partners, shared object storage or user uploads. An attacker who exploits this remote code execution (RCE) flaw could take control of the affected system, manipulate or exfiltrate sensitive data, deploy malware, or disrupt operations, as security researchers at Endor Labs noted.
Current Status of Exploits
As of the latest reports, neither Endor Labs nor the National Institute of Standards and Technology (NIST) has observed exploitation in the wild, and the NVD entry for CVE-2025-30065 lists no publicly documented attacks. Apache fixed the issue in parquet-java 1.15.1, released on March 16, 2025; the fixing changes can be reviewed in the apache/parquet-java repository on GitHub. Users should upgrade to 1.15.1 or later. The fix restricts the Java packages from which parquet-avro will instantiate classes named in a file's schema, governed by the system property org.apache.parquet.avro.SERIALIZABLE_PACKAGES. Where an immediate upgrade is not possible, treat every Parquet file from an untrusted source as hostile and do not read it with parquet-avro until it has been inspected.
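The following Python script is an added example, not code from the CSO article, Endor Labs, or the Apache Parquet project. It shows how a defender could triage Parquet files arriving from untrusted sources before a vulnerable reader touches them: it pulls the Avro schema that parquet-avro stores in the footer's key-value metadata under the key `parquet.avro.schema` and flags the `java-class`, `java-key-class` and `java-element-class` properties, the Avro reflect-model hooks through which a crafted schema names Java classes to load. The sample file, the schema and the trusted-package prefixes are constructed for this example; the prefix list mirrors the idea of the SERIALIZABLE_PACKAGES restriction but is an assumption, not the library's actual default, and this check is a heuristic to prioritise files, not a substitute for upgrading.

```python
"""Triage helper for CVE-2025-30065: find Java class names in a Parquet file's Avro schema.

Added example (not from the article, Endor Labs or Apache Parquet). Scans the
Thrift-encoded footer for the "parquet.avro.schema" KeyValue entry and reports
schema properties that name Java classes. The trusted prefixes are an ASSUMED
allowlist, not the library's real default.
"""
import json

AVRO_SCHEMA_KEY = b"parquet.avro.schema"
CLASS_PROPS = ("java-class", "java-key-class", "java-element-class")
# Assumed allowlist modelled on the SERIALIZABLE_PACKAGES mitigation.
TRUSTED_PREFIXES = ("java.lang.", "java.math.", "java.io.", "java.net.",
                    "org.apache.parquet.avro.")


def _read_varint(buf, pos):
    """Decode an unsigned LEB128 varint as used by the Thrift compact protocol."""
    result, shift = 0, 0
    while True:
        b = buf[pos]
        pos += 1
        result |= (b & 0x7F) << shift
        if not b & 0x80:
            return result, pos
        shift += 7


def parquet_footer(data):
    """Return the Thrift FileMetaData blob that sits before the 4-byte length and 'PAR1'."""
    if len(data) < 12 or data[:4] != b"PAR1" or data[-4:] != b"PAR1":
        raise ValueError("not a Parquet file (missing PAR1 magic)")
    footer_len = int.from_bytes(data[-8:-4], "little")
    if footer_len > len(data) - 12:
        raise ValueError("footer length exceeds file size")
    return data[-8 - footer_len:-8]


def extract_avro_schema(data):
    """Return the parsed 'parquet.avro.schema' JSON from the footer, or None if absent.

    KeyValue is {1: key, 2: value}; in compact encoding each string field is a
    header byte 0x18 (field delta 1, type BINARY), a varint length, then bytes,
    so the value field starts immediately after the key bytes.
    """
    footer = parquet_footer(data)
    idx = footer.find(AVRO_SCHEMA_KEY)
    if idx < 0:
        return None
    pos = idx + len(AVRO_SCHEMA_KEY)
    if pos >= len(footer) or footer[pos] != 0x18:
        return None
    length, pos = _read_varint(footer, pos + 1)
    return json.loads(footer[pos:pos + length].decode("utf-8"))


def find_class_props(schema, path="$"):
    """Recursively collect (path, property, class name) triples from an Avro schema."""
    hits = []
    if isinstance(schema, dict):
        for prop in CLASS_PROPS:
            if prop in schema:
                hits.append((path, prop, schema[prop]))
        for key in ("type", "items", "values", "fields"):  # nested schema positions
            if key in schema:
                hits.extend(find_class_props(schema[key], f"{path}.{key}"))
    elif isinstance(schema, list):  # unions and field lists
        for i, item in enumerate(schema):
            hits.extend(find_class_props(item, f"{path}[{i}]"))
    return hits


def untrusted_classes(schema, trusted=TRUSTED_PREFIXES):
    """Class names referenced by the schema that fall outside the trusted prefixes."""
    return sorted({cls for _, _, cls in find_class_props(schema)
                   if not cls.startswith(trusted)})


def _thrift_string(value):
    """Encode a compact-protocol BINARY field with field-id delta 1 (header 0x18)."""
    out, n = bytearray([0x18]), len(value)
    while n >= 0x80:
        out.append((n & 0x7F) | 0x80)
        n >>= 7
    out.append(n)
    return bytes(out) + value


def build_sample_file(schema):
    """Constructed test data: a Parquet-shaped byte string whose footer carries `schema`.

    Only the KeyValue entry is realistic; row groups and the rest of
    FileMetaData are stubbed with zero bytes.
    """
    kv = _thrift_string(AVRO_SCHEMA_KEY) + _thrift_string(json.dumps(schema).encode())
    footer = b"\x00" * 8 + kv + b"\x00"
    return b"PAR1" + b"\x00" * 16 + footer + len(footer).to_bytes(4, "little") + b"PAR1"


MALICIOUS_SCHEMA = {  # constructed: one class name outside the assumed allowlist
    "type": "record", "name": "Evil",
    "fields": [
        {"name": "id", "type": "long"},
        {"name": "payload", "type": {"type": "string", "java-class": "com.example.Gadget"}},
        {"name": "tags", "type": {"type": "array", "items": "string",
                                   "java-element-class": "java.lang.String"}},
    ],
}

if __name__ == "__main__":
    schema = extract_avro_schema(build_sample_file(MALICIOUS_SCHEMA))
    for path, prop, cls in find_class_props(schema):
        print(f"{path}: {prop}={cls}")
    print("untrusted:", untrusted_classes(schema))
```

Against a real file, replace `build_sample_file(...)` with the bytes read from disk; the script deliberately avoids a Parquet library so it can run on an ingestion host that has nothing but Python. A non-empty `untrusted_classes` result is grounds to quarantine the file; an empty result is not proof of safety, since an attacker can also target classes inside any package the reader trusts.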
Source
www.csoonline.com