<ul><li>A critical vulnerability impacting Apache Parquet’s Java Library that could allow remote code execution has been disclosed.</li><li>The vulnerability, tracked as CVE-2025-30065, affects systems importing Parquet files from untrusted sources.</li><li>Attackers can exploit the flaw to gain remote code execution, steal/tamper with data, install malware, or disrupt services.</li><li>To mitigate the risk, users are recommended to upgrade to Apache Parquet Java version 1.15.1 or later, validate Parquet files from untrusted sources, and enable monitoring for suspicious behavior.</li></ul>

Critical flaw in Apache Parquet’s Java Library allows remote code execution

Discover more