Malicious code in prefer-arrow (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd4c923d3d6c399e77c6af5aa1cbd1e4712cb7bd89045f7ad31667227e6e3bd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-49032 Malicious code in prefer-arrow (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd4c923d3d6c399e77c6af5aa1cbd1e4712cb7bd89045f7ad31667227e6e3bd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE CVE-2024-52338

Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...

Apache Arrow R package: Arbitrary code execution when loading a malicious data file

...

arrow (>=0.14.0 <=0.15.1), blockbuffers (=0.1.0) +12 more potentially affected by CVE-2019-25004 via flatbuffers (>=0.4.0 <=0.5.0)

flatbuffers CARGO version =0.4.0, =0.14.0, =0.1.8, =0.1.0, =0.0.5, =0.1.0, =0.1.0, =0.2.0, =3.0.0, =1.0.0, =1.1.2, =1.2.0, =1.3.2 Source cves: CVE-2019-25004 Source advisory: OSV:RUSTSEC-2019-0028...