Go modules package
github.com/goharbor/harbor
pkg:golang/github.com/goharbor/harbor
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-19023 | Hig | 8.8 | >= 1.7.0, < 1.8.6 | 1.8.6 | Mar 20, 2020 | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform. | |
| CVE-2019-16097 | Med | 6.5 | >= 1.7.0, < 1.9.0-rc1 | 1.9.0-rc1 | Sep 8, 2019 | core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround without app |
- affected >= 1.7.0, < 1.8.6fixed 1.8.6
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.
- affected >= 1.7.0, < 1.9.0-rc1fixed 1.9.0-rc1
core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround without app
Page 2 of 2