Vulnerabilities > Linuxfoundation > Harbor > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-02 | CVE-2024-22278 | Unspecified vulnerability in Linuxfoundation Harbor Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations. | 4.3 |
| 2023-01-13 | CVE-2022-46463 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Harbor An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. | 7.5 |
| 2021-02-02 | CVE-2020-29662 | Cleartext Transmission of Sensitive Information vulnerability in Linuxfoundation Harbor In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path. | 5.3 |
| 2020-09-30 | CVE-2020-13794 | Missing Authorization vulnerability in Linuxfoundation Harbor Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor. | 4.3 |
| 2020-07-15 | CVE-2020-13788 | Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Harbor Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet. | 4.3 |