CVE-2026-42241
Stack Overflow in ParquetSharp via Decimal Column Width
Publication date: 2026-05-07
Last updated on: 2026-05-07
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| g-research | parquetsharp | From 18.1.0 (inc) to 23.0.0.1 (exc) |
| g-research | parquetsharp | 23.0.0.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-789 | The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in ParquetSharp can lead to a stack overflow and potential service crashes when processing untrusted Parquet files with excessively large decimal type widths. While this primarily impacts service availability, there is no direct information provided about how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability arises when ParquetSharp reads untrusted Parquet files containing decimal columns with excessively large widths, causing a stack overflow. Detection involves monitoring for crashes or stack overflow errors in services using ParquetSharp versions between 18.1.0 and before 23.0.0.1 when processing Parquet files.
To detect potential exploitation or presence of the vulnerability, you can:
- Check the version of ParquetSharp used in your application to ensure it is 23.0.0.1 or later, where the issue is fixed.
- Monitor application logs for stack overflow exceptions or crashes occurring during Parquet file processing.
- If you have access to the Parquet files being processed, inspect decimal column widths for unusually large values that could trigger the vulnerability.
There are no specific commands provided in the resources for detecting this vulnerability on a network or system. However, general approaches include:
- Using process monitoring tools (e.g., Windows Event Viewer, Linux system logs) to detect crashes or stack overflow errors in the service.
- Using debugging or profiling tools to trace stack usage during Parquet file processing.
- Scanning your application dependencies to identify the ParquetSharp version in use, for example, by checking package manifests or using commands like `dotnet list package` in .NET projects.
Can you explain this vulnerability to me?
This vulnerability exists in the ParquetSharp .NET library, specifically in the DecimalConverter.ReadDecimal method. The method uses stack allocation (stackalloc) with a size that can be controlled by an attacker through a decimal column width in a Parquet file. If an attacker supplies a decimal column with an unreasonably large width, it can cause a stack overflow.
This stack overflow can lead to crashes when the library reads untrusted Parquet files, especially in network service environments where such files are processed.
How can this vulnerability impact me? :
If you use ParquetSharp to read untrusted Parquet files, an attacker could craft a file with a very wide decimal column to trigger a stack overflow.
This can cause the service or application processing the file to crash, potentially leading to denial of service.
The impact is limited to availability, with no direct impact on confidentiality or integrity.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should update ParquetSharp to version 23.0.0.1 or later, which includes a fix that limits stack allocation size when reading decimal columns.
Additionally, avoid processing untrusted Parquet files with vulnerable versions of ParquetSharp to reduce the risk of stack overflow crashes.