Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation harbor vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-3990
A User Enumeration flaw exists in Harbor. The issue is present in the "/users" API endpoint. This endpoint is supposed to be restricted to administrators. This restriction is able to be bypassed and information can be obtained about registered users can be obtained via ...
Linuxfoundation Harbor
Linuxfoundation Harbor 1.9.0
Linuxfoundation Harbor 1.9.1
7.5
CVSSv3
CVE-2019-16919
Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did ...
Linuxfoundation Harbor
Linuxfoundation Harbor 1.9.0
Vmware Cloud Foundation -
Vmware Harbor Container Registry
6.5
CVSSv3
CVE-2019-16097
core/api/user.go in Harbor 1.7.0 up to and including 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround...
Linuxfoundation Harbor 1.7.0
Linuxfoundation Harbor 1.7.1
Linuxfoundation Harbor 1.7.2
Linuxfoundation Harbor 1.7.3
Linuxfoundation Harbor 1.7.4
Linuxfoundation Harbor 1.7.5
Linuxfoundation Harbor 1.8.0
Linuxfoundation Harbor 1.8.1
Linuxfoundation Harbor 1.8.2
Linuxfoundation Harbor 1.9.0
6 Github repositories
1 Article
8.6
CVSSv3
CVE-2017-17697
The Ping() function in ui/api/target.go in Harbor up to and including 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping.
Linuxfoundation Harbor
Linuxfoundation Harbor 1.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2