Search for packages
| purl | pkg:pypi/pyarrow@0.13.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7wzb-dv7h-jkdm
Aliases: CVE-2019-12410 GHSA-cjw4-2w9r-r8mv PYSEC-2019-196 |
While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory could potentially be shared if are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:05:56.777742+00:00 | Pypa Importer | Affected by | VCID-7wzb-dv7h-jkdm | https://github.com/pypa/advisory-database/blob/main/vulns/pyarrow/PYSEC-2019-196.yaml | 38.6.0 |