Vulnerabilities > Linuxfoundation > Harbor > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-20 | CVE-2019-19026 | SQL Injection vulnerability in multiple products Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform. | 4.9 |
| 2019-12-03 | CVE-2019-3990 | Improper Privilege Management vulnerability in Linuxfoundation Harbor A User Enumeration flaw exists in Harbor. | 4.3 |
| 2019-09-08 | CVE-2019-16097 | Missing Authorization vulnerability in Linuxfoundation Harbor core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. | 6.5 |