Name of the Vulnerable Software and Affected Versions parquet (affected versions not specified)

Description The issue is related to a crash caused by a negative-size-param, which occurs in the parquet::PlainByteArrayDecoder::DecodeArrowDense function. This function is called by parquet::PlainByteArrayDecoder::DecodeArrow, and ultimately by parquet::internal::ByteArrayChunkedRecordReader::ReadValuesSpaced.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.