CVE-2025-30065
Does the platform itself leverage Parquet files? Or would it only be in situations where Hadoop or S3 is used? I am trying to gauge the impact to my platforms for the client advisory.
Infosys Limited
NL
@DPCLARK12 - I have the same question.
HCA Healthcare
US
@DPCLARK12 Pega Platform itself does not use Apache Parquet files by default in its core operations. Parquet is typically involved only when the system integrates with external big data systems like Hadoop, Spark, or when data is stored in S3 using formats like Parquet for analytics or data lake purposes. If your implementation does not explicitly use Parquet for exporting or processing data (e.g., via BIX, Data Flows, or custom connectors), then the CVE-2025-30065 vulnerability likely does not impact your environment. However, if your Pega application connects to a big data platform or uses Parquet files for data exchange, then you should assess whether any vulnerable library versions are in use. It's a good idea to confirm this with your infrastructure or data engineering team and apply security patches if needed.