1. CVE-2023-47248: Critical PyArrow Vulnerability Enables Arbitrary Code Execution, Forces Major Version Jump
A critical deserialization vulnerability in the widely used PyArrow data processing library exposes systems to arbitrary code execution. The flaw, tracked as CVE-2023-47248, resides within the library's IPC and Parquet readers. Attackers can exploit this by feeding maliciously crafted data to these components, potentia...