The Linux Foundation Harbor 0.3.0

CPE Details

The Linux Foundation Harbor 0.3.0
linuxfoundation
harbor
0.3.0
2020-04-01
13h03 +00:00
2020-04-01
13h03 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:linuxfoundation:harbor:0.3.0:*:*:*:*:*:*:*

Informations

Vendor

linuxfoundation

Product

harbor

Version

0.3.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-22278 2024-08-02 00h59 +00:00 Incorrect user permission validation in Harbor
6.4
Medium
CVE-2023-20902 2023-11-09 00h36 +00:00 A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below,  Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and retrieve job task information.
6.5
Medium
CVE-2019-19030 2022-12-25 23h00 +00:00 Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists.
5.3
Medium
CVE-2020-13788 2020-07-15 18h04 +00:00 Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.
4.3
Medium
CVE-2017-17697 2017-12-15 08h00 +00:00 The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping.
8.6
High