all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Apache Arrow PyArrow Arbitrary Code Execution Vulnerability (CVS 2023-47248) Notification

Add to bookmarks
Nov. 15, 2023, 6:48 a.m. | NSFOCUS

Security Boulevard securityboulevard.com

Overview Recently, NSFOCUS CERT found that Apache Arrow issued a security notice, which fixed an arbitrary code execution vulnerability in the PyArrow library (CVE-2023-47248). Due to PyArrow reading Arrow IPC, Feather, or Parquet data from untrusted sources, PyExtensionType creates an automatic loading feature that allows for deserialization of data from non PyArrow sources. When using […]


The post Apache Arrow PyArrow Arbitrary Code Execution Vulnerability (CVS 2023-47248) Notification appeared first on NSFOCUS, Inc., a global network and cyber security leader, …

apache arbitrary code arrow automatic blog cert code code execution cve cvs data deserialization emergency-response feather feature found ipc library notice notification pyarrow security security notice untrusted vulnerability

Visit resource

More from securityboulevard.com / Security Boulevard

Understanding the Link Between API Exposure and Vulnerability Risks an hour ago | securityboulevard.com
api apis application security architectures +19
Streamline NIS2 Compliance with Automation 3 hours ago | securityboulevard.com
automation complianc compliance nis2 +4
Cybersecurity Insights with Contrast CISO David Lindner | 5/3/24 4 hours ago | securityboulevard.com
application applications breach ciso +26
A Closer Look at Top 5 Vulnerabilities of April 2024 4 hours ago | securityboulevard.com
april closer critical cybersecurity +15
Insider Risk Digest: April 5 hours ago | securityboulevard.com
breaches cases digest dive +18
CVE-2024-27322 Should Never Have Been Assigned And R Data Files Are Still Super Risky Even … 7 hours ago | securityboulevard.com
big blog cert cisa +12
The Persistent Threat of Path Traversal Vulnerabilities in Software Development 7 hours ago | securityboulevard.com
advice advisory application protection best practices +34
Top 7 VAPT Testing Tools 7 hours ago | securityboulevard.com
applications automated autosect cyber +23
What is Proxmox VE – and Why You Should Live Patch It 9 hours ago | securityboulevard.com
address application security attacks business +31

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Intern, Cyber Security Vulnerability Management

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Compliance - Global Privacy Office - Associate - Bengaluru

@ Goldman Sachs | Bengaluru, Karnataka, India
View on infosec-jobs.com

Cyber Security Engineer (m/w/d) Operational Technology

@ MAN Energy Solutions | Oberhausen, DE, 46145
View on infosec-jobs.com

Armed Security Officer - Hospital

@ Allied Universal | Sun Valley, CA, United States
View on infosec-jobs.com

Governance, Risk and Compliance Officer (Africa)

@ dLocal | Lagos (Remote)
View on infosec-jobs.com

Junior Cloud DevSecOps Network Engineer

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com
View more jobs