Linuxfoundation Harbor 2.0

CPE Details

Linuxfoundation Harbor 2.0
linuxfoundation
harbor
2.0
2021-02-08
13h25 +00:00
2021-03-18
15h29 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:linuxfoundation:harbor:2.0:*:*:*:*:*:*:*

Informations

Vendor

linuxfoundation

Product

harbor

Version

2.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-22278 2024-08-02 00h59 +00:00 Incorrect user permission validation in Harbor
6.4
Medium
CVE-2022-46463 2023-01-11 23h00 +00:00 An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature."
7.5
High
CVE-2020-29662 2021-02-02 19h54 +00:00 In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path.
5.3
Medium
CVE-2020-13794 2020-09-29 18h17 +00:00 Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor.
4.3
Medium
CVE-2020-13788 2020-07-15 18h04 +00:00 Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.
4.3
Medium