Lucene search

Harbor Security Vulnerabilities - 2020

cve

CVE-2019-19023

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.

8.8CVSS

8.5AI Score

0.001EPSS

2020-03-20 03:15 AM

cve

CVE-2019-19025

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform.

8.8CVSS

8.5AI Score

0.002EPSS

2020-03-20 03:15 AM

cve

CVE-2019-19026

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform.

4.9CVSS

6AI Score

0.001EPSS

2020-03-20 03:15 AM

cve

CVE-2019-19029

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform.

7.2CVSS

7.5AI Score

0.002EPSS

2020-03-20 03:15 AM

cve

CVE-2020-13788

Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.

4.3CVSS

4.4AI Score

0.001EPSS

2020-07-15 09:15 PM

cve

CVE-2020-13794

Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor.

4.3CVSS

4.4AI Score

0.001EPSS

2020-09-30 06:15 PM