Overview Recently, NSFOCUS CERT found that Apache Arrow issued a security notice, which fixed an arbitrary code execution vulnerability in the PyArrow library (CVE-2023-47248). Due to PyArrow reading Arrow IPC, Feather, or Parquet data from untrusted sources, PyExtensionType creates an automatic loading feature that allows for deserialization of data from non PyArrow sources. When using […]
The post Apache Arrow PyArrow Arbitrary Code Execution Vulnerability (CVS 2023-47248) Notification appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..
The post Apache Arrow PyArrow Arbitrary Code Execution Vulnerability (CVS 2023-47248) Notification appeared first on Security Boulevard.