Critical CVE-2025-30065 April 2026 · 8 min read

CVE-2025-30065: Apache Parquet Schema Deserialization RCE

A maximum-severity remote code execution vulnerability in Apache Parquet's Java library allows attackers to execute arbitrary code on any system that reads a maliciously crafted Parquet file. CVSS 10.0. Affects virtually every big data pipeline using the Parquet format — Spark, Flink, Hive, and cloud data warehouses.


10.0
CRITICAL (MAX)
AttributeValue
CVE IDCVE-2025-30065
CVSS VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWECWE-502: Deserialization of Untrusted Data
PublishedApril 1, 2025
ExploitationNo active exploitation reported (public PoC exists)

What Is CVE-2025-30065?

Apache Parquet is a columnar storage format widely used in big data ecosystems. The parquet-avro module in versions up to 1.15.0 contains a deserialization vulnerability in the schema parsing code. When a Java application reads a Parquet file containing a crafted Avro schema, the parser deserializes attacker-controlled class references, leading to arbitrary code execution in the context of the reading application.

This is particularly dangerous because data pipelines routinely ingest Parquet files from external sources: S3 buckets, data partners, user uploads, ETL integrations. Any pipeline that processes untrusted Parquet files is vulnerable.

⚠ Supply Chain Attack Vector

CVE-2025-30065 creates a compelling supply chain attack scenario: an attacker who can inject malicious Parquet files into a data pipeline (via compromised data vendor, S3 bucket misconfiguration, or man-in-the-middle attack) gains code execution in the data processing infrastructure — potentially AWS EMR, Databricks, Azure HDInsight, or on-premises Hadoop clusters running with privileged cloud credentials.

Affected Systems

ComponentAffected VersionsFixed Version
parquet-avro (Java)<= 1.15.01.15.1+
Apache Spark (uses parquet-avro)Any using affected libraryUpdate library
Apache FlinkAny using affected libraryUpdate library
Apache HiveAny using affected libraryUpdate library
Amazon EMRVersions using parquet-avro <= 1.15.0Upgrade EMR or override JAR
Databricks RuntimeVersions using affected libraryDatabricks patch DBR versions

Technical Details

The vulnerability is in the AvroSchemaConverter class within parquet-avro. When converting Parquet schema to Avro schema, the code processes schema metadata that can contain arbitrary class names. These class names are used in reflective instantiation without allowlist validation.

# Conceptual representation of vulnerable code path
public Schema convert(MessageType parquetSchema) {
    // Schema metadata can contain attacker-controlled strings
    String javaClass = parquetSchema.getField("java_class");
    // Dangerous: instantiates arbitrary class from string
    Class clazz = Class.forName(javaClass);  // RCE here
    return clazz.newInstance();
}
# Crafted Parquet file with malicious schema (conceptual)
{
  "schema": {
    "type": "record",
    "name": "exploit",
    "fields": [],
    "java_class": "com.sun.org.apache.xalan.internal.xsltc.trax.TemplatesImpl",
    "avro.java.string": "[base64-encoded malicious bytecode]"
  }
}

Gadget Chain Exploitation

The attacker creates a Parquet file where the Avro schema metadata references a Java gadget chain — a sequence of class instantiations that ultimately leads to arbitrary code execution. Commons Collections, Spring Framework, and other common Java libraries provide suitable gadget chains for this attack.

Who Is Exposed

Any Java application that:

High-risk environments include:

Mitigation

  1. Upgrade parquet-java to 1.15.1+: The fix adds allowlist validation for class names in schema metadata
  2. Audit Parquet file sources: Inventory all locations where Parquet files enter your environment
  3. Implement file source validation: Only process Parquet files from cryptographically verified sources
  4. Run data pipelines with minimal privileges: Limit the blast radius by ensuring pipeline execution roles have least-privilege IAM policies
  5. Network egress restrictions: Data processing clusters should have restricted outbound internet access to limit post-exploitation impact
  6. Deploy Java deserialization protections: Tools like SerialKiller can provide defense-in-depth against deserialization attacks

KENSAI Detection Capability

Is Your Data Pipeline Vulnerable to CVE-2025-30065?

KENSAI scans your Java applications, container images, and cloud data infrastructure for vulnerable Parquet versions. Protect your data pipelines before attackers exploit them.

Scan Your Data Infrastructure →

Related Articles

المفوضية الأوروبية تحقق في اختراق سحابة AWS، المجلس يفرض عقوبات على شركات سيبران Redirecting... LeakNet Ransomware Adopts ClickFix + Deno Runtime