Lucene search
+L

5 matches found

OSV
OSV
added 2024/08/21 3:28 p.m.48 views

GO-2022-0781 Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788) in github.com/goharbor/harbor

Harbor is vulnerable to a limited Server-Side Request Forgery SSRF CVE-2020-13788 in github.com/goharbor/harbor...

4.3CVSS4.4AI score0.01278EPSS
Exploits1References4
OSV
OSV
added 2022/02/11 11:17 p.m.89 views

GHSA-33P6-FX42-7RF5 Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788)

Impact Matt Hamilton from Soluble has discovered a limited Server-Side Request Forgery SSRF that allowed Harbor project owners to scan the TCP ports of hosts on the Harbor server's internal network. The vulnerability was immediately fixed by the Harbor team. Issue The “Test Endpoint” API, part of...

4.4CVSS4.4AI score0.01278EPSS
Exploits1References5
OSV
OSV
added 2020/07/15 9:15 p.m.44 views

CVE-2020-13788

Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet...

4.3CVSS6.6AI score0.01278EPSS
Exploits1References3
CVE
CVE
added 2020/07/15 8:4 p.m.74 views

CVE-2020-13788

Harbor (goHarbor) prior to 2.0.1 is affected by a limited SSRF vulnerability (CVE-2020-13788). If a user with project-edit permissions can access the API endpoint used to test a project webhook, they can scan TCP ports on hosts inside Harbor’s intranet. The root cause is a vulnerable “Test Endpoi...

4.3CVSS4.4AI score0.01278EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/07/15 8:4 p.m.54 views

CVE-2020-13788

Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet...

4.5AI score0.01278EPSS
Exploits1References3
Rows per page
Query Builder