3 matches found
CVE-2022-31671
creationtimestamp| type| source ---|---|--- 2024-11-14 11:45:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113481135941683844 2024-11-14 14:08:43+00:00| seen| https://t.me/cvedetector/10934...
CVE-2022-31671 Harbor fails to validate the user permissions when reading and updating job execution logs through the P2P preheat execution logs
Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs...
CVE-2022-31671
Harbor (open source registry) contains an authorization issue in the P2P preheat execution logs: authenticated users could read all job logs by requesting different job IDs, indicating a permissions validation failure when reading/updating logs. The CVE entry is corroborated by multiple feeds (GH...