Skip to main content

Pyarrow

1 CVEs product

Monthly

CVE-2023-47248 PyPI CRITICAL POC PATCH THREAT Act Now

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache RCE Deserialization Pyarrow
NVD GitHub
CVSS 3.1
9.8
EPSS
14.4%
EPSS 14% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache RCE Deserialization +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy