github.com/goharbor/harbor is vulnerable to information disclosure. The vulnerability exists as it was possible to enumerate users with the /api/users/search
endpoint.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/goharbor/harbor | eq | HEAD | |
github.com/goharbor/harbor | le | v1.9.2 | |
github.com/goharbor/harbor | le | 1.8.5 |
github.com/goharbor/harbor/commit/7910e9f239b82c21657bbb42d47fcff6e67a5cba
github.com/goharbor/harbor/commit/9396cb60c6ccee5542170e010ecd577acadf0dba
github.com/goharbor/harbor/pull/9746
github.com/goharbor/harbor/pull/9817
github.com/goharbor/harbor/security/advisories/GHSA-6qj9-33j4-rvhg
www.tenable.com/security/research/tra-2019-50