VYPR
Medium severity6.2NVD Advisory· Published Apr 19, 2016· Updated Jun 17, 2026

CVE-2015-1776

CVE-2015-1776

Description

Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.hadoop:hadoop-commonMaven
>= 2.6.0, < 2.6.52.6.5

Affected products

6
  • Apache/Hadoop5 versions
    cpe:2.3:a:apache:hadoop:2.6.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:apache:hadoop:2.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:hadoop:2.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:hadoop:2.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:hadoop:2.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:hadoop:2.6.4:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 2.6.0, < 2.6.5

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.