6 matches found
CVE-2023-47248
Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files. This vulnerability only...
GHSA-X563-6HQV-26MR Ibis PyArrow dependency allows arbitrary code execution when loading a malicious data file
Impact Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files. This vulnerability on...
a2ml (>=0.3.1 <=0.5.3), abi-ds-utils (=1.2.4) +765 more potentially affected by CVE-2023-47248 via pyarrow (>=0.14.0 <=14.0.0)
pyarrow PYPI version =0.14.0, =0.3.1, =2.0.4, =0.0.1a1, =0.1.0, =0.1.0, =0.1.7, =0.0.2, =80.4.6, =80.8.5 - alectio-sdk =0.6.8 and more Source cves: CVE-2023-47248 Source advisory: OSV:GHSA-5WVP-7F3H-6WMM...
biggerquery (=0.6.0.dev27), cartoframes (=1.0.0rc1) +11 more potentially affected by CVE-2019-12408 via pyarrow (>=0.14.0 <=0.15.0)
pyarrow PYPI version =0.14.0, =1.4.2, =0.1.1, =1.7.3, =0.4.5, =0.20.0, =2019.10.0, =0.1.1, =0.22.0, =0.24.1 - pyomnisci =25.0.0rc1 Source cves: CVE-2019-12408 Source advisory: OSV:GHSA-8CW2-JV5C-C825...
azureml-designer-classic-modules (>=0.0.105 <=0.0.112), azureml-designer-core (>=0.0.21 <=0.0.29) +39 more potentially affected by CVE-2019-12410 via pyarrow (>=0.12.0 <=0.15.0)
pyarrow PYPI version =0.12.0, =0.0.105, =0.0.21, =0.0.17, =0.0.36, =0.0.9, =1.0.48.1, =0.1.0, =1.4.2, =3.0.20190405035157, =0.1.0, =0.1.1, =0.1.3 and more Source cves: CVE-2019-12410 Source advisory: OSV:GHSA-CJW4-2W9R-R8MV...
cartoframes (=1.0.0rc1), data-linter (=0.1.0) +8 more potentially affected by CVE-2019-12408 via pyarrow (>=0.14.0 <=0.14.1)
pyarrow PYPI version =0.14.0, =1.4.2, =0.1.1, =1.7.3, =0.4.5, =0.20.0, =2019.10.0, =0.1.1, =0.1.8 Source cves: CVE-2019-12408 Source advisory: OSV:PYSEC-2019-195...