CVE-2021-41561

Summary

Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Parquet1.9.0 < Parquet-MR*affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

Workarounds

1.12.x users should upgrade to 1.12.2 1.11.x users should upgrade to 1.11.2 Users of older release lines (<= 1.10.x) should upgrade to 1.12.2 or 1.11.2

ADP Enrichment

CVE Program Container

Additional References

References