3 matches found
Improper Certificate Validation
org.apache.gobblin, gobblin-core is vulnerable to Improper Certificate Validation. The vulnerability is due to the application trusting all certificates for LDAP connections in Gobblin-as-a-Service, which allows an attacker to perform man-in-the-middle attacks using malicious certificates...
CVE-2021-36152
Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions = 0.15.0. Users should update to version 0.16.0 which addresses this issue...
Apache Gobblin 信任管理问题漏洞
Apache Gobblin is a distributed data integration framework from the Apache Foundation USA. Used to simplify common aspects of big data integration, Apache Gobblin is vulnerable to a trust management issue that stems from Apache Gobblin trusting all certificates used for LDAP connections in...