National Cyber Warfare Foundation (NCWF)

Apache Arrow PyArrow Arbitrary Code Execution Vulnerability (CVS 2023-47248) Notification
0 user ratings		2023-11-15 07:39:19
milo
Blue Team (CND)
 - archive -- 

Overview Recently, NSFOCUS CERT found that Apache Arrow issued a security notice, which fixed an arbitrary code execution vulnerability in the PyArrow library (CVE-2023-47248). Due to PyArrow reading Arrow IPC, Feather, or Parquet data from untrusted sources, PyExtensionType creates an automatic loading feature that allows for deserialization of data from non PyArrow sources. When using […]


The post Apache Arrow PyArrow Arbitrary Code Execution Vulnerability (CVS 2023-47248) Notification appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..


The post Apache Arrow PyArrow Arbitrary Code Execution Vulnerability (CVS 2023-47248) Notification appeared first on Security Boulevard.



NSFOCUS

Source: Security Boulevard
Source Link: https://securityboulevard.com/2023/11/apache-arrow-pyarrow-arbitrary-code-execution-vulnerability-cvs-2023-47248-notification/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.