Medium severity6.2NVD Advisory· Published Apr 19, 2016· Updated Jun 17, 2026
CVE-2015-1776
CVE-2015-1776
Description
Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.hadoop:hadoop-commonMaven | >= 2.6.0, < 2.6.5 | 2.6.5 |
Affected products
6Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-g48f-ff5h-5f64ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-1776ghsaADVISORY
- mail-archives.apache.org/mod_mbox/hadoop-general/201602.mbox/%3CCAGCyb56CPgQMcxZ7jP87SfM5OKGx+E49DtrzCTQ6+nQf2a4nSA@mail.gmail.com%3EghsaWEB
- mail-archives.apache.org/mod_mbox/hadoop-general/201602.mbox/%3CCAGCyb56CPgQMcxZ7jP87SfM5OKGx+E49DtrzCTQ6+nQf2a4nSA%40mail.gmail.com%3Envd
- www.securityfocus.com/bid/83259nvd
News mentions
0No linked articles in our index yet.