Fixed Common Vulnerabilities and Exposures in Cloudera Manager 7.13.1 and its cumulative hotfixes
Common Vulnerabilities and Exposures (CVE) that are fixed in Cloudera Manager 7.13.1 and its cumulative hotfixes.
Cloudera Manager 7.13.1 CHF4 (7.13.1.400)
| CVEs | Package Name |
|---|---|
| CVE-2025-27636 | Apache Camel |
Cloudera Manager 7.13.1 CHF3 (7.13.1.300)
| CVEs | Package Name |
|---|---|
| CVE-2023-34442 | Apache Camel |
| CVE-2023-24998 | Apache Commons FileUpload |
| CVE-2024-53990 | AsyncHttpClient |
Cloudera Manager 7.13.1 CHF2 (7.13.1.200)
| CVEs | Package Name |
|---|---|
| CVE-2025-23184 | Apache CXF |
| CVE-2023-48795 | sshj |
| CVE-2024-47072 | XStream |
| CVE-2022-21699 | IPython |
| CVE-2015-5607 | IPython |
| CVE-2014-3429 | IPython |
| CVE-2015-4707 | IPython |
| CVE-2024-3651 | Idna |
| CVE-2012-5783 | httpclient |
| CVE-2014-3577 | httpclient |
| CVE-2020-13956 | httpclient |
| CVE-2015-5262 | httpclient |
| CVE-2012-6153 | httpclient |
Cloudera Manager 7.13.1 CHF1 (7.13.1.100)
| CVEs | Package Name |
|---|---|
| CVE-2023-44487 | Netty |
| CVE-2024-21634 | Ion-Java |
| CVE-2017-7536 | Hibernate-Validator |
| CVE-2018-1000873 | Jackson-databind |
| CVE-2017-15095 | Jackson-databind |
| CVE-2017-17485 | Jackson-databind |
| CVE-2017-7525 | Jackson-databind |
| CVE-2018-11307 | Jackson-databind |
| CVE-2018-14718 | Jackson-databind |
| CVE-2018-14719 | Jackson-databind |
| CVE-2018-7489 | Jackson-databind |
| CVE-2019-14379 | Jackson-databind |
| CVE-2019-14540 | Jackson-databind |
| CVE-2019-14892 | Jackson-databind |
| CVE-2019-16335 | Jackson-databind |
| CVE-2019-16942 | Jackson-databind |
| CVE-2019-16943 | Jackson-databind |
| CVE-2019-17267 | Jackson-databind |
| CVE-2019-17531 | Jackson-databind |
| CVE-2019-20330 | Jackson-databind |
| CVE-2020-8840 | Jackson-databind |
| CVE-2020-9547 | Jackson-databind |
| CVE-2020-9548 | Jackson-databind |
| CVE-2020-10673 | Jackson-databind |
| CVE-2018-5968 | Jackson-databind |
| CVE-2020-10650 | Jackson-databind |
| CVE-2020-24616 | Jackson-databind |
| CVE-2020-24750 | Jackson-databind |
| CVE-2020-35490 | Jackson-databind |
| CVE-2020-35491 | Jackson-databind |
| CVE-2020-36179 | Jackson-databind |
| CVE-2020-36180 | Jackson-databind |
| CVE-2020-36181 | Jackson-databind |
| CVE-2020-36182 | Jackson-databind |
| CVE-2020-36183 | Jackson-databind |
| CVE-2020-36184 | Jackson-databind |
| CVE-2020-36185 | Jackson-databind |
| CVE-2020-36186 | Jackson-databind |
| CVE-2020-36187 | Jackson-databind |
| CVE-2020-36188 | Jackson-databind |
| CVE-2020-36189 | Jackson-databind |
| CVE-2021-20190 | Jackson-databind |
| CVE-2018-12022 | Jackson-databind |
| CVE-2019-12086 | Jackson-databind |
| CVE-2019-14439 | Jackson-databind |
| CVE-2020-36518 | Jackson-databind |
| CVE-2022-42003 | Jackson-databind |
| CVE-2022-42004 | Jackson-databind |
| CVE-2019-12384 | Jackson-databind |
| CVE-2019-12814 | Jackson-databind |
| CVE-2020-13949 | Libthrift |
| CVE-2018-1320 | Libthrift |
| CVE-2019-0205 | Libthrift |
| CVE-2019-0210 | Libthrift |
| CVE-2018-11798 | Libthrift |
| CVE-2024-38808 | Spring Framework |
| CVE-2024-38829 | Spring ldap |
| CVE-2024-38821 | Spring Security |
| CVE-2024-38809 | Spring Framework |
| CVE-2024-38816 | Spring Framework |
| CVE-2024-38819 | Spring Framework |
| CVE-2024-38820 | Spring Framework |
