2160
Posts
230
Kudos Received
82
Solutions
About
My expertise is not in hadoop but rather online communities, support and social media. Interests include: photography, travel, movies and watching sports.
My Accepted Solutions
Title | Views | Posted |
---|---|---|
79 | 05-07-2025 11:41 AM | |
369 | 02-27-2025 12:49 PM | |
2151 | 06-29-2023 05:42 AM | |
1864 | 05-22-2023 07:03 AM | |
1404 | 05-22-2023 05:42 AM |
05-07-2025
11:41 AM
1 Kudo
Welcome to the community @Cynn . Have you checked the partner page on Cloudera.com? https://www.cloudera.com/partners/cloudera-partner-network-program.html
... View more
04-16-2025
01:05 PM
Background:
On April 1, 2025, a critical vulnerability in the parquet-avro module of Apache Parquet (CVE-2025-30065, CVSS score 10.0) was announced.
Cloudera is issuing this advisory to inform customers about affected components and details about the impact this has on Cloudera components. An active investigation of this vulnerability is ongoing with the highest priority, and Cloudera will provide in-depth updates on impacted products and mitigation steps in short order via a separate Technical Service Bulletin (TSB).
Vulnerability Details:
Exploiting this vulnerability is only possible by modifying the accepted schema used for translating Parquet files and subsequently submitting a specifically crafted malicious file.
CVE-2025-30065 | Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code.
CVE: NVD - CVE-2025-30065
Severity (Critical): CVSS:4.0/AV:N/AC:L/AT:N/PR:N/ UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/ SA:N
Mitigation:
Until an upgrade with Apache Parquet 1.15.1 or higher is available:
Utilize a File Integrity Monitoring (FIM) solution. This allows administrators to monitor files at the filesystem level and receive alerts on any unexpected or suspicious activity in the schema configuration.
Monitor network activity for any transmission of Parquet files, and alert on any unexpected activity.
Be cautious with Parquet files from unknown or untrusted sources. If possible, do not process files with uncertain origin or that came from outside the organization.
Ensure that only authorized users have access to endpoints that ingest Parquet files.
For the latest update on this issue, see the corresponding Knowledge Article:
Cloudera Customer Advisory 2025-846 : Cloudera’s response to the Apache Parquet vulnerability CVE-2025-30065
... View more
04-03-2025
11:27 AM
Welcome to the community @stevenchern. I'm happy to see the issue resolved.
... View more
04-02-2025
09:16 AM
Welcome to the community @LDAP . While you are waiting for someone more knowledgable than me to reply, can you perhaps add some more context here? For instance what versions of Spark and JDBC are you using?
... View more
02-27-2025
12:49 PM
Thank you so much for the additional details @MaraWang. I have received some word from the team on the situation. The recent rebrand of Cloudera.com also included a migration of our Blog into cloudera.com from a legacy Wordpress site. We have migrated the business blog posts and are in the process of restoring the technical blogs. Thank you for your patience as we complete this initiative and stay tuned for our next update when the migration is fully complete. I hope this helps.
... View more
02-27-2025
08:52 AM
Thank you for alerting us @MaraWang. I'm discussing this with the blogs team, so could you share any additional links you are having difficulty with so we can review?
... View more
02-21-2025
07:13 AM
The original poster of the thread has the ability to mark the solution @sujith18. @ravi_tadepally has @MattWho 's response helped you overcome your issue? If so, please mark his reply as the solution.
... View more
01-27-2025
10:04 AM
Hi @PalmiGrace ,
If you look at the CDP-4001 certification page, it has suggested training and resources at the bottom.
... View more
11-04-2024
11:03 AM
2 Kudos
I am sorry to hear they are facing this issue. I've sent you a private message for additional details so we can direct to the appropriate team.
... View more
10-04-2024
04:54 AM
@mjmoore
Have you been able to resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future.
... View more