5 matches found
CVE-2026-42241
ParquetSharp (a .NET library for Parquet) has a vulnerability in DecimalConverter.ReadDecimal from 18.1.0 up to before 23.0.0.1 where a stackalloc is performed using an attacker‑supplied width, allowing stack overflow if a decimal column width is unreasonably large. In a service environment, this...
CVE-2026-42241 ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width
ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this...
CVE-2026-42241 ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width
ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this...
CVE-2026-42241
ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this...
GHSA-RRJR-V56M-WW88 ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width
DecimalConverter.ReadDecimal makes a stackalloc using what might be an attacker-supplied value. If an attacker declares a decimal column with some unreasonable width, this could lead to a stack overflow. In a service environment, this would potentially take down a service. This affects applicatio...