Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-3308

Malicious code in bioql PyPI...

7.7CVSS6.4AI score0.00296EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/02/14 7:42 a.m.3 views

SUSE CVE-2022-31668

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.7CVSS6.9AI score0.00296EPSS
Exploits0References3
OSV
OSV
added 2024/11/20 7:10 a.m.12 views

BIT-HARBOR-2022-31668 User permission validation failure and disclosure of P2P preheat execution logs

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.7CVSS7.3AI score0.00296EPSS
Exploits0References2
OSV
OSV
added 2024/11/14 12:31 p.m.16 views

GHSA-R864-28PW-8682 Harbor fails to validate the user permissions when updating p2p preheat policies

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.4CVSS7.2AI score0.00296EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/11/14 12:31 p.m.18 views

Harbor fails to validate the user permissions when updating p2p preheat policies

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.7CVSS6.6AI score0.00296EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2024/11/14 12:15 p.m.24 views

CVE-2022-31671

Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs...

7.4CVSS0.00513EPSS
Exploits0References2
NVD
NVD
added 2024/11/14 12:15 p.m.20 views

CVE-2022-31668

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.7CVSS0.00296EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/14 11:56 a.m.34 views

CVE-2022-31668 User permission validation failure and disclosure of P2P preheat execution logs

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.4CVSS0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/14 11:56 a.m.16 views

CVE-2022-31668 User permission validation failure and disclosure of P2P preheat execution logs

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.4CVSS6.7AI score0.00296EPSS
Exploits0References1
CVE
CVE
added 2024/11/14 11:56 a.m.85 views

CVE-2022-31668

Harbor (github.com/goharbor/harbor) is affected by CVE-2022-31668 due to improper permission validation when updating p2p preheat policies. A request to update a policy with an id belonging to a project the authenticated user cannot access could allow modification of p2p preheat policies in other...

7.7CVSS7.2AI score0.00296EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/11/14 11:56 a.m.8 views

CVE-2022-31668 User permission validation failure and disclosure of P2P preheat execution logs

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

7.4CVSS6.7AI score0.00296EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/14 11:42 a.m.18 views

CVE-2022-31671 Harbor fails to validate the user permissions when reading and updating job execution logs through the P2P preheat execution logs

Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs...

7.4CVSS6.5AI score0.00513EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/14 11:42 a.m.36 views

CVE-2022-31671 Harbor fails to validate the user permissions when reading and updating job execution logs through the P2P preheat execution logs

Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs...

7.4CVSS0.00513EPSS
Exploits0References2
OSV
OSV
added 2024/11/14 11:42 a.m.16 views

CVE-2022-31671 Harbor fails to validate the user permissions when reading and updating job execution logs through the P2P preheat execution logs

Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs...

7.4CVSS6.1AI score0.00513EPSS
Exploits0References4
OSV
OSV
added 2022/09/09 7:47 p.m.23 views

GHSA-Q76Q-Q8HW-HMPW Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs

Impact Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs - API call GET /projects/projectname/preheat/policies/preheatpolicyname/executions/executionid/tasks/taskid/logs By sending a request that attempts to read P2P preheat...

5CVSS7.4AI score0.00513EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/09/09 7:47 p.m.34 views

Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs

Impact Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs - API call GET /projects/projectname/preheat/policies/preheatpolicyname/executions/executionid/tasks/taskid/logs By sending a request that attempts to read P2P preheat...

7.4CVSS0.8AI score0.00513EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder