Background:
Cloudera is issuing this advisory to inform customers about the affected components and the impact of this vulnerability on Cloudera components. An active investigation of this vulnerability is ongoing with the highest priority, and Cloudera will provide in-depth updates on impacted products and mitigation steps in short order via a separate Technical Service Bulletin (TSB).
Vulnerability Details:
Exploiting this vulnerability is only possible by modifying the accepted schema used for translating Parquet files and subsequently submitting a specially crafted malicious file.
CVE-2025-30065
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code.
Severity (Critical): CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
Mitigation:
Until an upgrade with Apache Parquet 1.15.1 or higher is available:
- Utilize a File Integrity Monitoring (FIM) solution. This allows administrators to monitor files at the filesystem level and receive alerts on any unexpected or suspicious activity in the schema configuration.
- Monitor network activity for any transmission of Parquet files, and alert on any unexpected activity.
- Be cautious with Parquet files from unknown or untrusted sources. If possible, do not process files of uncertain origin or files that came from outside the organization.
- Ensure that only authorized users have access to endpoints that ingest Parquet files.
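To scope where these mitigations are needed, the following added example (not Cloudera tooling) inventories parquet-avro jars under a directory and compares their upstream version with the fixed release 1.15.1 named above. It assumes jars follow the Maven naming `parquet-avro-<version>.jar`; the function names and status labels are the example's own.

```python
import re
import sys
from pathlib import Path

FIXED = (1, 15, 1)  # first fixed upstream release named in the advisory

# parquet-avro-<major>.<minor>.<patch><suffix>.jar (assumed Maven-style naming);
# vendor rebuilds append a suffix after the upstream version.
JAR_RE = re.compile(r"^parquet-avro-(\d+)\.(\d+)\.(\d+)(.*)\.jar$")


def classify(jar_name):
    """Return (upstream_version, suffix, status), or None if not a parquet-avro jar."""
    m = JAR_RE.match(jar_name)
    if not m:
        return None
    version = tuple(int(p) for p in m.group(1, 2, 3))
    suffix = m.group(4)
    if version >= FIXED:
        status = "fixed"
    elif suffix:
        # A suffixed (vendor) build may carry a backported fix; the filename
        # alone cannot show that, so it is flagged for manual review.
        status = "review"
    else:
        status = "affected"
    return version, suffix, status


def scan(root):
    """Walk root and return sorted (path, version, status) for each parquet-avro jar."""
    findings = []
    for path in Path(root).rglob("parquet-avro-*.jar"):
        result = classify(path.name)
        if result:
            version, _suffix, status = result
            findings.append((str(path), ".".join(map(str, version)), status))
    return sorted(findings)


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, version, status in scan(root):
        print(f"{status:9} {version:9} {path}")
```

Jars that bundle parquet-avro inside a shaded or uber jar are not found by filename and need a separate check of the archive contents.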
For the latest update on this issue, see the corresponding Knowledge Article: