Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation harbor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20902
A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and retrieve job task information.
Linuxfoundation Harbor
5
CVSSv2
CVE-2020-29662
In Harbor 2.0 prior to 2.0.5 and 2.1.x prior to 2.1.2 the catalog’s registry API is exposed on an unauthenticated path.
Linuxfoundation Harbor
NA
CVE-2022-46463
An access control issue in Harbor v1.X.X to v2.5.3 allows malicious users to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature."
Linuxfoundation Harbor
3 Github repositories
NA
CVE-2019-19030
Cloud Native Computing Foundation Harbor prior to 1.10.3 and 2.x prior to 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists.
Linuxfoundation Harbor
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2