Vulnerabilities > Cloudera > Data Engineering > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-15 | CVE-2021-3167 | Information Exposure vulnerability in Cloudera Data Engineering 1.3.0 In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs. | 4.0 |
| 2020-11-26 | CVE-2020-26936 | Cross-Site Request Forgery (CSRF) vulnerability in Cloudera Data Engineering Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. | 6.8 |