{"library":"pyarrow-hotfix","type":"library","category":null,"description":"Pyarrow-hotfix is a pure Python package designed to mitigate the PyArrow security vulnerability CVE-2023-47248, which affected PyArrow versions 0.14.0 to 14.0.0. It disables the vulnerable deserialization feature, offering a temporary solution for users unable to immediately upgrade to PyArrow 14.0.1 or later. The library is released on an as-needed basis for security patches.","language":"python","status":"active","version":"0.7","tags":["security","pyarrow","hotfix","vulnerability","CVE-2023-47248"],"install":[{"cmd":"pip install pyarrow-hotfix","imports":["import pyarrow_hotfix"]}],"homepage":null,"github":"https://github.com/pitrou/pyarrow-hotfix#readme","docs":"https://github.com/pitrou/pyarrow-hotfix#readme","changelog":null,"pypi":"https://pypi.org/project/pyarrow-hotfix/","npm":null,"openapi_spec":null,"status_page":null,"smithery":null,"compatibility":{"summary":{"python_range":"3.10–3.9","success_rate":100,"avg_install_s":1.5,"avg_import_s":0,"wheel_type":"wheel"},"url":"https://checklist.day/v1/registry/pyarrow-hotfix/compatibility"},"provenance":{"verified_status":"passing","verified_at":"Sun Jun 28","last_verified":"Sun Jun 28","next_check":"Tue Jul 28","install_tag":"verified"}}