[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2021-41561: Apache Parquet-MR potential DoS in case of malicious Parquet file
From: Gábor_Szádovszky <gabor () apache ! org>
Date: 2021-12-20 10:03:37
Message-ID: 568519e9-1bcc-671d-5868-d96b3fa6f908 () apache ! org
[Download RAW message or body]
Description:
Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to \
DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later \
versions.
This issue is being tracked as PARQUET-2094
Mitigation:
1.12.x users should upgrade to 1.12.2
1.11.x users should upgrade to 1.11.2
Users of older release lines (<= 1.10.x) should upgrade to 1.12.2 or 1.11.2
Credit:
This issue was discovered by Sergey Temnikov of the Amazon S3 team.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic