apache arrow is vulnerable to information disclosure. In certain cases, arrays with null values could be built using uninitialized memory for their data segment, resulting in unintentional memory being shared over the wire.
github.com/apache/arrow/pull/4930
lists.apache.org/thread.html/49f067b1c5fb7493d952580f0d2d032819ba351f7a78743c21126269@%3Cdev.arrow.apache.org%3E
lists.apache.org/thread.html/49f067b1c5fb7493d952580f0d2d032819ba351f7a78743c21126269@<dev.arrow.apache.org>
lists.apache.org/thread.html/efd8bbf57427d3c303b5316d208a335f8d0c0dbe0dc4c87cfa995073@%3Cannounce.apache.org%3E