/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
Max severity RCE flaw discovered in widely used Apache Parquet
(www.bleepingcomputer.com)
174 points
andy99
| 1 comments |
06 Apr 25 17:21 UTC
|
HN request time: 0.213s
|
source
Show context
formerly_proven
◴[
06 Apr 25 17:47 UTC
]
No.
43603309
[source]
▶
>>43603091 (OP)
#
As per the PoC, yes — this is the usual Java Deserialization RCE where it’ll instantiate arbitrary classes. Java serialization really is a gift that keeps on giving.
replies(2):
>>43603416
#
>>43603473
#
1.
◴[
06 Apr 25 18:04 UTC
]
No.
43603473
[source]
▶
>>43603309
#
ID:
GO
↑