{"schema_version": "1.6.1", "id": "CVE-2021-36151", "summary": "Local Credentials Disclosure Vulnerability", "details": "In Apache Gobblin, the Hadoop token is written to a temp file that is visible to all local users on Unix-like systems. This affects versions <= 0.15.0. Users should update to version 0.16.0 which addresses this issue. ", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "Apache Gobblin"}, {"last_affected": "Apache Gobblin"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread/3cdkyxdd6xk05lsvr3l66dsnvhwyo1t0"}]}