Vulnerabilities > Pivotal > Vmware Harbor Registry > High

DATE CVE VULNERABILITY TITLE RISK
2020-03-20 CVE-2019-19029 SQL Injection vulnerability in multiple products
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform.
network
low complexity
linuxfoundation pivotal CWE-89
7.2
7.2
2020-03-20 CVE-2019-19025 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform.
network
low complexity
linuxfoundation pivotal CWE-352
8.8
8.8
2020-03-20 CVE-2019-19023 Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform.
network
low complexity
linuxfoundation pivotal
8.8
8.8