exploitDog

GHSA-q5rx-8c2h-5q7j

Опубликовано: 06 фев. 2022

Источник: github

Github: Прошло ревью

CVSS3: 9.8

Описание

Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service

Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue.

Ссылки

Пакеты

Наименование

org.apache.gobblin:gobblin-core

maven

Затронутые версииВерсия исправления

< 0.16.0

0.16.0

EPSS

Процентиль: 79%

0.01283

Низкий

9.8 Critical

CVSS3

CVE ID

Связанные уязвимости

CVE-2021-36152

CVSS3: 9.8

nvd

около 4 лет назад

Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue.

EPSS

Процентиль: 79%

0.01283

Низкий

9.8 Critical

CVSS3

CVE ID