PT-2020-21929 — Apache Apache Parquet+1

PT-2020-21929 · Apache · Apache Parquet+1

Published

2020-06-24

Updated

2020-06-24

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Apache Thrift (affected versions not specified) parquet (affected versions not specified)

Description The issue is related to a crash in the Apache Thrift protocol, specifically in the TCompactProtocol. The crash occurs when reading a Parquet file, involving the parquet::format::FileMetaData::read function and the parquet::DeserializeThriftUnencryptedMsg function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

OSV-2020-165

Affected Products

Apache Thrift

Apache Parquet