Now, who should really worry about this issue? All organizations using Apache Parquet Java with the parquet-avro module in versions ≤1.15.0, especially those processing Parquet files from external ...

A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability ... reading Avro data embedded in Parquet files. On April 2, 2025, Endor Labs ...

Apache Parquet 贡献者 Gang Wu 于 2025 年 5 月 2 日披露了该漏洞，该漏洞影响了 1.15.1 及以下版本。 漏洞的技术细分 该漏洞源于 parquet-avro 模块中不安全的架构解析。攻击者可以在 Parquet 文件元数据中嵌入恶意代码，当易受攻击的系统读取文件的 Avro 架构时，该元数据 ...

Those that are unable to upgrade their Apache Parquet instances to version 1.15.1 straight away are advised to avoid untrusted Parquet files, or at least to carefully analyze them before taking ...

If big data systems rely on the Apache Parquet open source file format for data processing, attacks may be imminent. A malicious code vulnerability affects Apache Parquet. The column-based open ...

Apache Parquet is a free and open-source columnar data file format that's designed for efficient data processing and retrieval, providing support for complex data, high-performance compression, and ...

That being said, if upgrading to Apache Parquet 1.15.1 immediately is impossible, it is suggested to avoid untrusted Parquet files or carefully validate their safety before processing them.

After installation, restart VS Code and activate the icons if prompted. If not, manually navigate to File > Preferences > Theme > File Icon Theme and select “VSCode Icons” to apply the icon set.

The FDAP stack brings enhanced data processing capabilities to large volumes of data. Apache Arrow acts as a cross-language development platform for in-memory data, facilitating efficient data ...