2 matches found
CVE-2021-36152
CVE-2021-36152 affects Apache Gobblin (Gobblin-as-a-Service) by using an insecure TrustManager that trusts all certificates for LDAP connections. Versions ≤ 0.15.0 are impacted; upgrading to 0.16.0 addresses the issue. No exploitation details are provided in the documents.
CVE-2021-36151
Summary: CVE-2021-36151 affects Apache Gobblin. The Hadoop token is written to a temporary file that is visible to all local users on Unix-like systems, enabling local information disclosure. Affected versions are 0.15.0 and earlier; the issue is addressed in 0.16.0. Root cause (as described in s...