Vulnerabilities > Linuxfoundation > Harbor > 1.9.0

DATE CVE VULNERABILITY TITLE RISK
2020-03-20 CVE-2019-19023 Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.
network
low complexity
linuxfoundation pivotal
8.8
8.8
2019-12-03 CVE-2019-3990 Improper Privilege Management vulnerability in Linuxfoundation Harbor
A User Enumeration flaw exists in Harbor.
network
low complexity
linuxfoundation CWE-269
4.3
4.3
2019-10-18 CVE-2019-16919 Incorrect Default Permissions vulnerability in multiple products
Harbor API has a Broken Access Control vulnerability.
network
low complexity
linuxfoundation vmware CWE-276
7.5
7.5
2019-09-08 CVE-2019-16097 Missing Authorization vulnerability in Linuxfoundation Harbor
core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration.
network
low complexity
linuxfoundation CWE-862
6.5
6.5