Apache Parquet exploit tool detects servers vulnerable to critical flaw

A critical Apache Parquet vulnerability (CVE-2025-30065) has been demonstrated through a proof-of-concept exploit that can easily identify vulnerable servers. Developed by F5 Labs, this tool assists administrators in assessing security risks related to the vulnerability, which impacts all versions of Apache Parquet up to 1.15.0. Although practical exploitation is considered challenging, the flaw poses significant risks in specific environments processing unverified Parquet files.

Key points:

  • A maximum severity vulnerability tracked as CVE-2025-30065 has been publicly disclosed for Apache Parquet.
  • F5 Labs released a proof-of-concept exploit to help identify vulnerable servers and assess risk.
  • The vulnerability is a deserialization flaw that impacts all versions of Apache Parquet up to 1.15.0.
  • It allows potential remote code execution if specific conditions involving class instantiation are met.
  • The likelihood of practical exploitation is low, but organizations using external Parquet files are at risk.
  • A “canary exploit” tool is available on GitHub for verifying exposure to the vulnerability.
  • Recommendations include upgrading to Apache Parquet version 15.1.1 or later and configuring deserialization restrictions.

Read More: https://www.bleepingcomputer.com/news/security/apache-parquet-exploit-tool-detect-servers-vulnerable-to-critical-flaw/