Known Vulnerabilities for Harbor by Linuxfoundation
Listed below are 10 of the newest known vulnerabilities associated with "Harbor" by "Linuxfoundation".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-20902 json | A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below ... | 6.5 - MEDIUM | 2023-11-09 | 2023-11-16 |
| CVE-2022-46463 json | ** DISPUTED ** An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image reposit... | 7.5 - HIGH | 2023-01-13 | 2023-11-07 |
| CVE-2020-29662 json | In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path. | 5.3 - MEDIUM | 2021-02-02 | 2021-02-08 |
| CVE-2020-13794 json | Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor. | 4.3 - MEDIUM | 2020-09-30 | 2021-07-21 |
| CVE-2020-13788 json | Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts... | 4.3 - MEDIUM | 2020-07-15 | 2020-07-22 |
| CVE-2019-19030 json | Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticat... | 5.3 - MEDIUM | 2022-12-26 | 2023-01-06 |
| CVE-2019-19029 json | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor C... | 7.2 - HIGH | 2020-03-20 | 2021-05-21 |
| CVE-2019-19026 json | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbo... | 4.9 - MEDIUM | 2020-03-20 | 2021-05-21 |
| CVE-2019-19025 json | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the... | 8.8 - HIGH | 2020-03-20 | 2021-05-19 |
| CVE-2019-19023 json | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harb... | 8.8 - HIGH | 2020-03-20 | 2021-05-19 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Linuxfoundation | Harbor | 2.2.0 | |||
| Application | Linuxfoundation | Harbor | 2.2.0 | |||
| Application | Linuxfoundation | Harbor | 2.2.0 | |||
| Application | Linuxfoundation | Harbor | 2.2.0 | |||
| Application | Linuxfoundation | Harbor | 2.2.0 | |||
| Application | Linuxfoundation | Harbor | 2.1.4 | |||
| Application | Linuxfoundation | Harbor | 2.1.4 | |||
| Application | Linuxfoundation | Harbor | 2.1.4 | |||
| Application | Linuxfoundation | Harbor | 2.1.3 | |||
| Application | Linuxfoundation | Harbor | 2.1.3 | |||
| Application | Linuxfoundation | Harbor | 2.1.3 | |||
| Application | Linuxfoundation | Harbor | 2.1.2 | |||
| Application | Linuxfoundation | Harbor | 2.1.2 | |||
| Application | Linuxfoundation | Harbor | 2.1.1 | |||
| Application | Linuxfoundation | Harbor | 2.1.1 | |||
| Application | Linuxfoundation | Harbor | 2.1.0 | |||
| Application | Linuxfoundation | Harbor | 2.1.0 | |||
| Application | Linuxfoundation | Harbor | 2.1.0 | |||
| Application | Linuxfoundation | Harbor | 2.1.0 | |||
| Application | Linuxfoundation | Harbor | 2.0.6 |