CVE Tools

cloudera

Cloud & SaaSUScommercial

39

Cumulative CVEs

7

Monthly snapshots

#29

Peak rank

Top products

cloudera manager4 hue2

Latest CVEs

The 15 most recently published vulnerabilities affecting cloudera.

CVE-2025-3884Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability7.5May 22, 2025
CVE-2021-32483Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard.5.3Nov 8, 2021
CVE-2021-30132Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.9.8Nov 8, 2021
CVE-2021-29243Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS.6.1Nov 8, 2021
CVE-2021-32482Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter.6.1Nov 8, 2021
CVE-2021-29994Cloudera Hue 4.6.0 allows XSS.6.1Nov 8, 2021
CVE-2021-32481Cloudera Hue 4.6.0 allows XSS via the type parameter.6.1Nov 8, 2021
CVE-2021-3167In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs.6.5Mar 15, 2021
CVE-2020-26936Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.8.8Nov 26, 2020
CVE-2019-14449An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious impala queries can result in Cross Site Scripting (XSS) when viewed within this ...5.4Nov 26, 2019
CVE-2016-9271Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature.5.4Nov 26, 2019
CVE-2017-7399Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of tho...8.8Nov 26, 2019
CVE-2019-7319An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When using one of following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend...8.3Nov 26, 2019
CVE-2018-20090An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder.8.3Nov 26, 2019
CVE-2018-17860Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1.7.2Nov 26, 2019