mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.6 KiB
1.6 KiB
CVE-2025-30065
Description
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary codeUsers are recommended to upgrade to version 1.15.1, which fixes the issue.
POC
Reference
- https://github.com/h3st4k3r/CVE-2025-30065/blob/main/POC-CVE-2025-30065-ParquetExploitGenerator.java
- https://github.com/mouadk/parquet-rce-poc-CVE-2025-30065/blob/main/src/main/java/com/evil/GenerateMaliciousParquetSSRF.java
- https://news.ycombinator.com/item?id=43603091
Github
- https://github.com/B1ack4sh/Blackash-CVE-2025-30065
- https://github.com/F5-Labs/parquet-canary-exploit-rce-poc-CVE-2025-30065
- https://github.com/ThreatRadarAI/TRAI-001-Critical-RCE-Vulnerability-in-Apache-Parquet-CVE-2025-30065-Simulation
- https://github.com/bjornhels/CVE-2025-30065
- https://github.com/gkhays/mcp-nvd-server
- https://github.com/h3st4k3r/CVE-2025-30065
- https://github.com/mouadk/parquet-rce-poc-CVE-2025-30065
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/ron-imperva/CVE-2025-30065-PoC
- https://github.com/tanjiti/sec_profile
- https://github.com/zhanpengliu-tencent/medium-cve