CVE-2021-36151: Exposure of Sensitive Information to an Unauthorized Actor
(updated )
In Apache Gobblin, the Hadoop token is written to a temp file that is visible to all local users on Unix-like systems. This affects Users should update to which addresses this issue.
References
Detect and mitigate CVE-2021-36151 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →