Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation harbor vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-16097
core/api/user.go in Harbor 1.7.0 up to and including 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround...
Linuxfoundation Harbor 1.7.0
Linuxfoundation Harbor 1.8.2
Linuxfoundation Harbor 1.9.0
Linuxfoundation Harbor 1.7.1
Linuxfoundation Harbor 1.8.0
Linuxfoundation Harbor 1.7.3
Linuxfoundation Harbor 1.7.4
Linuxfoundation Harbor 1.7.5
Linuxfoundation Harbor 1.7.2
Linuxfoundation Harbor 1.8.1
6 Github repositories
1 Article
4.3
CVSSv3
CVE-2019-3990
A User Enumeration flaw exists in Harbor. The issue is present in the "/users" API endpoint. This endpoint is supposed to be restricted to administrators. This restriction is able to be bypassed and information can be obtained about registered users can be obtained via ...
Linuxfoundation Harbor
Linuxfoundation Harbor 1.9.0
Linuxfoundation Harbor 1.9.1
8.6
CVSSv3
CVE-2017-17697
The Ping() function in ui/api/target.go in Harbor up to and including 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping.
Linuxfoundation Harbor 1.3.0
Linuxfoundation Harbor
7.5
CVSSv3
CVE-2019-16919
Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did ...
Linuxfoundation Harbor
Linuxfoundation Harbor 1.9.0
Vmware Harbor Container Registry
Vmware Cloud Foundation -
8.8
CVSSv3
CVE-2019-19025
Cloud Native Computing Foundation Harbor before 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform.
Linuxfoundation Harbor
Pivotal Vmware Harbor Registry -
4.9
CVSSv3
CVE-2019-19026
Cloud Native Computing Foundation Harbor before 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform.
Linuxfoundation Harbor
Pivotal Vmware Harbor Registry -
7.2
CVSSv3
CVE-2019-19029
Cloud Native Computing Foundation Harbor before 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform.
Linuxfoundation Harbor
Pivotal Vmware Harbor Registry -
8.8
CVSSv3
CVE-2019-19023
Cloud Native Computing Foundation Harbor before 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.
Linuxfoundation Harbor
Pivotal Vmware Harbor Registry -
6.5
CVSSv3
CVE-2023-20902
A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and retrieve job task information.
Linuxfoundation Harbor
4.3
CVSSv3
CVE-2020-13794
Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor.
Linuxfoundation Harbor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »