diff --git a/pkgs/development/python-modules/pyarrow-hotfix/default.nix b/pkgs/development/python-modules/pyarrow-hotfix/default.nix
new file mode 100644
index 000000000000..38a8dc4b6ea8
--- /dev/null
+++ b/pkgs/development/python-modules/pyarrow-hotfix/default.nix
@@ -0,0 +1,37 @@
+{ lib
+, buildPythonPackage
+, fetchFromGitHub
+, hatchling
+, pythonOlder
+}:
+
+buildPythonPackage rec {
+  pname = "pyarrow-hotfix";
+  version = "0.6";
+  pyproject = true;
+
+  disabled = pythonOlder "3.7";
+
+  src = fetchFromGitHub {
+    owner = "pitrou";
+    repo = "pyarrow-hotfix";
+    rev = "refs/tags/v${version}";
+    hash = "sha256-LlSbxIxvouzvlP6PB8J8fJaxWoRbxz4wTs7Gb5LbM4A=";
+  };
+
+  nativeBuildInputs = [
+    hatchling
+  ];
+
+  pythonImportsCheck = [
+    "pyarrow_hotfix"
+  ];
+
+  meta = with lib; {
+    description = "Hotfix for the PyArrow security vulnerability CVE-2023-47248";
+    homepage = "https://github.com/pitrou/pyarrow-hotfix";
+    changelog = "https://github.com/pitrou/pyarrow-hotfix/releases/tag/v${version}";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ fab ];
+  };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index cbbe4a9074f1..f96469dc1c39 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -10060,6 +10060,8 @@ self: super: with self; {
     inherit (pkgs) arrow-cpp cmake;
   };
 
+  pyarrow-hotfix = callPackage ../development/python-modules/pyarrow-hotfix { };
+
   pyasn = callPackage ../development/python-modules/pyasn { };
 
   pyasn1 = callPackage ../development/python-modules/pyasn1 { };