Vulnerabilities > Linuxfoundation > Harbor > 1.7.0

DATE CVE VULNERABILITY TITLE RISK
2019-12-03 CVE-2019-3990 Improper Privilege Management vulnerability in Linuxfoundation Harbor
A User Enumeration flaw exists in Harbor.
network
low complexity
linuxfoundation CWE-269
4.3
4.3
2019-09-08 CVE-2019-16097 Missing Authorization vulnerability in Linuxfoundation Harbor
core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration.
network
low complexity
linuxfoundation CWE-862
6.5
6.5