Product: Apache Parquet
CVE: 2025-30065
CWE: 502
CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: Critical
Type: Deserialization of Untrusted Data
Affected Versions: all Apache Parquet Java versions through 1.15.0
POC: We didnt found yet
[+] Info: https://www.endorlabs.com/learn/critical-rce-vulnerability-in-apache-parquet-cve-2025-30065---advisory-and-analysis
CVE: 2025-30065
CWE: 502
CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: Critical
Type: Deserialization of Untrusted Data
Affected Versions: all Apache Parquet Java versions through 1.15.0
POC: We didnt found yet
[+] Info: https://www.endorlabs.com/learn/critical-rce-vulnerability-in-apache-parquet-cve-2025-30065---advisory-and-analysis
Cyber Security News
Apache Traffic Server Vulnerability Let Attackers Smuggle Requests
A critical security vulnerability in Apache Traffic Server (ATS) has been discovered, allowing attackers to perform request smuggling attacks.
