11 matches found
Azure Linux 3.0 Security Update: libarrow (CVE-2024-52338)
The version of libarrow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52338 advisory. - Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0...
SUSE CVE-2024-52338
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...
PYSEC-2024-161
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...
CVE-2024-52338 Apache Arrow R package: Arbitrary code execution when loading a malicious data file
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...
Security Bulletin: Vulnerability in PyArrow Affects IBM watsonx.data
Summary PyArrow could allow a remote authenticated attacker to execute arbitrary code on the system. This can affect IBM watsonx.data Vulnerability Details CVEID:CVE-2023-47248 DESCRIPTION: PyArrow could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an...
Security Bulletin: PyArrow is vulnerable to CVE-2023-47248 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses PyArrow which is vulnerable to CVE-2023-47248. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-47248 DESCRIPTION: PyArrow could allow a remote authenticated attacker to...
GHSA-X563-6HQV-26MR Ibis PyArrow dependency allows arbitrary code execution when loading a malicious data file
Impact Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files. This vulnerability on...
PYSEC-2023-238
Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files...
SUSE CVE-2023-47248
Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files. This vulnerability only...
GHSA-5WVP-7F3H-6WMM PyArrow: Arbitrary code execution when loading a malicious data file
Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files. This vulnerability only...
CVE-2023-47248 PyArrow, PyArrow: Arbitrary code execution when loading a malicious data file
Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files. This vulnerability only...