Apache Parquet Java < 1.15.1 - Remote Code Execution via Schema Parsing
Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code
Users are recommended to upgrade to version 1.15.1, which fixes the issue.