Lucene search
K

8 matches found

Vulnrichment
Vulnrichment
added 2026/03/23 2:47 p.m.1 views

CVE-2026-4404 Use of hard coded credentials in GoHarbor Harbor

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...

5.8AI score0.00498EPSS
Exploits0References4
OSV
OSV
added 2024/08/21 3:29 p.m.28 views

GO-2022-0865 Authenticated users can exploit an enumeration vulnerability in Harbor in github.com/goharbor/harbor

Authenticated users can exploit an enumeration vulnerability in Harbor in github.com/goharbor/harbor...

4.3CVSS4.5AI score0.01266EPSS
Exploits1References6
OSV
OSV
added 2024/08/21 3:29 p.m.16 views

GO-2022-0818 Missing Authorization in Harbor in github.com/goharbor/harbor

Missing Authorization in Harbor in github.com/goharbor/harbor...

6.5CVSS6.3AI score0.23284EPSS
Exploits5References9
OSV
OSV
added 2024/08/21 3:21 p.m.29 views

GO-2022-0704 Unauthenticated users can exploit an enumeration vulnerability in Harbor (CVE-2019-19030) in github.com/goharbor/harbor

Unauthenticated users can exploit an enumeration vulnerability in Harbor CVE-2019-19030 in github.com/goharbor/harbor...

5.3CVSS5.2AI score0.01891EPSS
Exploits1References3
OSV
OSV
added 2024/06/14 1:41 p.m.25 views

GO-2024-2916 SQL Injection in Harbor scan log API in github.com/goharbor/harbor

SQL Injection in Harbor scan log API in github.com/goharbor/harbor...

5.5CVSS5.3AI score0.00417EPSS
Exploits0References2
Veracode
Veracode
added 2022/09/29 10:2 a.m.21 views

Improper Authorization

github.com/goharbor/harbor is vulnerable to improper authorization. A remote authenticated attacker is able to revoke the permissions or impersonate a robot account due to improper validation of the user permissions when updating the robot account through the vulnerable updateV2Robot function...

6.4CVSS6.1AI score0.00499EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2021/02/03 12:40 p.m.23 views

Authorization Bypass

github.com/goharbor/harbor is vulnerable to authorization bypass. An attacker is able to gain unauthorized access to the catalog’s registry v2 API by using the path GET /v2/catalog/...

5.3CVSS4AI score0.00722EPSS
Exploits0References1Affected Software1
Veracode
Veracode
added 2019/09/06 6:10 a.m.19 views

Unauthorised Admin User Account Creation

https://github.com/goharbor/harbor is vulnerable to unauthorized admin user account creation. During a registration of a non-admin user, a request from non-admin user to create admin user account is not validated, allowing a low-privileged user to create an admin user account...

6.5CVSS2.2AI score0.23284EPSS
Exploits5References9Affected Software1
Rows per page
Query Builder