An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature."
7.5CVSS
7.4AI Score
0.064EPSS
A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access tocreate jobs/stop job tasks and retrieve job task information.
6.5CVSS
6.2AI Score
0.001EPSS