CVE-2024-52338

Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if itreads Arrow IPC, Feather or Parquet data from untrusted sources (forexample, user-supplied input files). This v...