CPE-E61433E6-63C1-4AD5-BD28-099807E82A05 Detail

CPE Details

The Linux Foundation Harbor 1.7.8 Release Candidate 1

Vendor

linuxfoundation

Product

harbor

Version

1.7.8

Created

2021-03-17
12h54 +00:00

Modified

2021-03-18
15h29 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:linuxfoundation:harbor:1.7.8:rc1::::::

Informations

Vendor

linuxfoundation

Product

harbor

Version

1.7.8

Update

rc1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-31670	2024-11-14 11h45 +00:00	Harbor fails to validate the user permissions when updating tag retention policies. By sending a request to update a tag retention policy with an id that belongs to a project that the currently authenticated user doesn’t have access to, the attacker could modify tag retention policies configured in other projects.	7.7	High
CVE-2024-22278	2024-08-02 00h59 +00:00	Incorrect user permission validation in Harbor	6.4	Medium
CVE-2023-20902	2023-11-09 00h36 +00:00	A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and retrieve job task information.	6.5	Medium
CVE-2022-46463	2023-01-11 23h00 +00:00	An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature."	7.5	High
CVE-2019-19030	2022-12-25 23h00 +00:00	Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists.	5.3	Medium
CVE-2020-13788	2020-07-15 18h04 +00:00	Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.	4.3	Medium
CVE-2019-19023	2020-03-20 01h22 +00:00	Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.	8.8	High
CVE-2019-19029	2020-03-20 01h02 +00:00	Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform.	7.2	High
CVE-2019-19026	2020-03-20 01h01 +00:00	Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform.	4.9	Medium
CVE-2019-19025	2020-03-20 01h01 +00:00	Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform.	8.8	High

The Linux Foundation Harbor 1.7.8 Release Candidate 1

CPE Details

CPE Name: cpe:2.3:a:linuxfoundation:harbor:1.7.8:rc1:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:linuxfoundation:harbor:1.7.8:rc1::::::