Improper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions.
Fixes

Solution

No solution given by the vendor.


Workaround

1.12.x users should upgrade to 1.12.2 1.11.x users should upgrade to 1.11.2 Users of older release lines (<= 1.10.x) should upgrade to 1.12.2 or 1.11.2

History

Mon, 28 Jul 2025 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Apache parquet Java
CPEs cpe:2.3:a:apache:parquet-mr:*:*:*:*:*:*:*:* cpe:2.3:a:apache:parquet_java:*:*:*:*:*:*:*:*
Vendors & Products Apache parquet-mr
Apache parquet Java

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2024-08-04T03:15:29.260Z

Reserved: 2021-09-22T00:00:00

Link: CVE-2021-41561

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-12-20T12:15:07.333

Modified: 2025-07-28T14:54:17.610

Link: CVE-2021-41561

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.