The vulnerability of the R package in the Apache Arrow data analysis and processing system allows a hacker to execute arbitrary code.

The vulnerability of the Apache Arrow data analysis and processing system’s R package is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2024-52338

Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...

CVE-2024-52338 Apache Arrow R package: Arbitrary code execution when loading a malicious data file

Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...

CVE-2024-52338 Apache Arrow R package: Arbitrary code execution when loading a malicious data file

Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...

PT-2024-9096

Name of the Vulnerable Software and Affected Versions: Apache Arrow R package versions 4.0.0 through 16.1.0 Description: The issue is related to the deserialization of untrusted data in IPC and Parquet readers, which allows arbitrary code execution. An application is vulnerable if it reads Arrow...