Apache Parquet is vulnerable to improper input validation. The vulnerability exits in util.java
of parquet-mr which allows an attacker to perform service disruption using malicious parquet files.
www.openwall.com/lists/oss-security/2021/12/20/1
git-wip-us.apache.org/repos/asf?p=parquet-mr.git;a=commit;h=1695d92cc07288713a9f2230f3aac61e2dc6a8e4
github.com/apache/parquet-mr/commit/d022451f5e58e86b39f0a312d6251a0dc6bb7468
github.com/apache/parquet-mr/pull/933
issues.apache.org/jira/browse/PARQUET-2094
lists.apache.org/thread/1bjlscbqtfzl160hrm9lnpjpppp5z3zr
www.openwall.com/lists/oss-security/2021/12/20/1