Code Execution Vulnerability in Apache Parquet Product by Apache
CVE-2025-30065
Key Information:
- Vendor: Apache
- Status: Vendor
- CVE Published: 1 April 2025
What is CVE-2025-30065?
CVE-2025-30065 is a vulnerability in Apache Parquet, specifically in its parquet-avro module. This open-source data processing framework is widely used for efficient columnar storage and management, particularly in big data analytics applications. The issue allows malicious actors to execute arbitrary code, which has serious implications for organizations that rely on Apache Parquet for data handling. If exploited, this vulnerability jeopardizes the integrity and security of sensitive data, potentially leading to substantial operational disruptions and data breaches.
Technical Details
The vulnerability occurs due to inadequate schema parsing in versions 1.15.0 and earlier of the parquet-avro module within Apache Parquet. This flaw enables attackers to manipulate how data schemas are processed, leading to the possibility of executing unauthorized code on affected systems. Users are strongly encouraged to upgrade to version 1.15.1, which addresses these security concerns.
Potential Impact of CVE-2025-30065
- Arbitrary Code Execution: The primary risk associated with this vulnerability is the ability for attackers to execute arbitrary code on affected systems. This can lead to unauthorized access to system resources, sensitive data manipulation, or even full system compromise.
- Data Breaches: Given the utilization of Apache Parquet in data-intensive environments, an exploit could lead to unauthorized access to confidential information, resulting in severe data breaches that may violate compliance regulations and erode customer trust.
- Operational Disruption: Exploiting this vulnerability can hinder an organization's operations by disrupting data processing tasks. This could potentially lead to downtime or degraded performance in critical analytics workflows, impacting business continuity.
Affected Version(s)
Apache Parquet Java 0 <= 1.15.0
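A dependency check for the affected range stated above, as an added example that is not part of the original page or Apache's tooling: it flags parquet-avro versions at or below 1.15.0 in Maven `dependency:list` output and jar file names. The sample input is constructed, and treating a qualified 1.15.1 build (such as a snapshot) as needing review is an assumption.

```python
import re

# From the page: parquet-avro 1.15.0 and earlier are affected; 1.15.1 is the fix.
FIXED = (1, 15, 1)

# Matches Maven coordinates (group:artifact:type[:classifier]:version[:scope])
# and jar file names (parquet-avro-<version>[-qualifier].jar).
ARTIFACT_RE = re.compile(
    r"parquet-avro[:-](?:[A-Za-z][\w-]*:)*"   # optional type/classifier tokens
    r"(\d+(?:\.\d+){1,2})"                     # numeric version
    r"(-[A-Za-z]\w*)?"                         # optional qualifier, e.g. -SNAPSHOT
)


def classify(version, qualifier):
    """Return 'vulnerable', 'review' or 'ok' for one parquet-avro version."""
    parts = tuple(int(p) for p in version.split("."))
    parts += (0,) * (3 - len(parts))           # treat 1.15 as 1.15.0
    if parts < FIXED:
        return "vulnerable"
    if parts == FIXED and qualifier:
        # Assumption: a pre-release build of 1.15.1 may predate the fix.
        return "review"
    return "ok"


def scan(lines):
    """Yield (line_number, version, status) for every parquet-avro reference."""
    for number, line in enumerate(lines, start=1):
        match = ARTIFACT_RE.search(line)
        if match:
            version, qualifier = match.group(1), match.group(2) or ""
            yield number, version + qualifier, classify(version, qualifier)


# Constructed sample input: Maven dependency:list lines and jar file names.
SAMPLE = """\
[INFO]    org.apache.parquet:parquet-avro:jar:1.13.1:compile
[INFO]    org.apache.parquet:parquet-hadoop:jar:1.13.1:compile
[INFO]    org.apache.parquet:parquet-avro:jar:1.15.1:runtime
/opt/app/lib/parquet-avro-1.15.0.jar
/opt/app/lib/parquet-avro-1.15.1-SNAPSHOT.jar
""".splitlines()

if __name__ == "__main__":
    for number, version, status in scan(SAMPLE):
        print(f"line {number}: parquet-avro {version} -> {status}")
```

Shaded or repackaged jars that bundle parquet-avro under another file name will not match this pattern and need a separate check of the archive contents.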
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
President Trump fires the head of NSA and Cyber Command.
Patch issued for maximum severity flaw affecting Apache Parquet. China-linked threat actor exploits Ivanti Connect Secure vulnerability.
2 weeks ago

Critical Apache Parquet Vulnerability Allows Remote Code Execution
A severe vulnerability has been identified in the Apache Parquet Java library, specifically within its parquet-avro module.
2 weeks ago

Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Apache Parquet flaw CVE-2025-30065 enables remote code execution from crafted files, risking data pipelines.
2 weeks ago
Timeline
- 💰 Used in Ransomware
- 🥇 Vulnerability reached the number 1 worldwide trending spot
- 🟡 Public PoC available
- 📈 Vulnerability started trending
- 👾 Exploit known to exist
- 📰 First article discovered by BleepingComputer
- Vulnerability published
- Vulnerability Reserved