5 matches found
GO-2022-0781 Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788) in github.com/goharbor/harbor
Harbor is vulnerable to a limited Server-Side Request Forgery SSRF CVE-2020-13788 in github.com/goharbor/harbor...
GHSA-33P6-FX42-7RF5 Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788)
Impact Matt Hamilton from Soluble has discovered a limited Server-Side Request Forgery SSRF that allowed Harbor project owners to scan the TCP ports of hosts on the Harbor server's internal network. The vulnerability was immediately fixed by the Harbor team. Issue The “Test Endpoint” API, part of...
CVE-2020-13788
Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet...
CVE-2020-13788
Harbor (goHarbor) prior to 2.0.1 is affected by a limited SSRF vulnerability (CVE-2020-13788). If a user with project-edit permissions can access the API endpoint used to test a project webhook, they can scan TCP ports on hosts inside Harbor’s intranet. The root cause is a vulnerable “Test Endpoi...
CVE-2020-13788
Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet...