Harbor Security Vulnerabilities and Issues — Harbor CVE List

Lucene search

LinuxfoundationHarbor

6 matches found

CVE•added 2020/03/20 3:15 a.m.•99 views

CVE-2019-19029

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform.

7.2CVSS7.5AI score0.01116EPSS

CVE•added 2020/03/20 3:15 a.m.•98 views

CVE-2019-19023

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.

8.8CVSS8.5AI score0.00801EPSS

CVE•added 2020/03/20 3:15 a.m.•98 views

CVE-2019-19025

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform.

8.8CVSS8.5AI score0.013EPSS

CVE•added 2020/03/20 3:15 a.m.•97 views

CVE-2019-19026

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform.

4.9CVSS6AI score0.00571EPSS

CVE•added 2020/09/30 6:15 p.m.•53 views

CVE-2020-13794

Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor.

4.3CVSS4.4AI score0.00205EPSS

CVE•added 2020/07/15 9:15 p.m.•52 views

CVE-2020-13788

Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.

4.3CVSS4.4AI score0.00719EPSS