oss-sec mailing list archives
CVE-2021-36152: Apache Gobblin: Insecure TrustManager used in LDAP connections
From: Abhishek Tiwari <abti () apache org>
Date: Thu, 3 Feb 2022 10:07:26 -0800
Severity: low Description: Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue. Credit: Apache Gobblin would like to thank Simon Gerst for reporting this issue.
Current thread:
- CVE-2021-36152: Apache Gobblin: Insecure TrustManager used in LDAP connections Abhishek Tiwari (Feb 03)