CVE-2024-22261
published 2024-06-11CVE-2024-22261: SQL-Injection in Harbor allows priviledge users to leak the task IDs
PriorityP432medium5.5CVSS 3.1
AVNACLPRHUINSUCHILAN
EPSS
0.42%
33.4th percentile
SQL-Injection in Harbor allows priviledge users to leak the task IDs
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | goharbor_harbor | >= 0 < 2.8.6 | 2.8.6 |
| github.com | goharbor_harbor | >= 0 < 2.8.6+incompatible | 2.8.6+incompatible |
| github.com | goharbor_harbor | >= 2.10.0 < 2.10.2 | 2.10.2 |
| github.com | goharbor_harbor | >= 2.10.0+incompatible < 2.10.2+incompatible | 2.10.2+incompatible |
| github.com | goharbor_harbor | >= 2.9.0 < 2.9.4 | 2.9.4 |
| github.com | goharbor_harbor | >= 2.9.0+incompatible < 2.9.4+incompatible | 2.9.4+incompatible |
| harbor | harbor | 2.10.0 – 2.10.1 | — |
| harbor | harbor | 2.8.1 – 2.8.5 | — |
| harbor | harbor | 2.9.0 – 2.9.3 | — |
| linuxfoundation | harbor | >= 2.10.0 < 2.10.2 | 2.10.2 |
| linuxfoundation | harbor | >= 2.8.1 < 2.8.6 | 2.8.6 |
| linuxfoundation | harbor | >= 2.9.0 < 2.9.4 | 2.9.4 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
SQL Injection in Harbor scan log API in github.com/goharbor/harbor
osv·2024-06-14
CVE-2024-22261 SQL Injection in Harbor scan log API in github.com/goharbor/harbor
SQL Injection in Harbor scan log API in github.com/goharbor/harbor
SQL Injection in Harbor scan log API in github.com/goharbor/harbor
GHSA
SQL Injection in Harbor scan log API
ghsa·2024-06-02
CVE-2024-22261 [LOW] CWE-566 SQL Injection in Harbor scan log API
SQL Injection in Harbor scan log API
### Impact
A user with an administrator, project_admin, or project_maintainer role could utilize and exploit SQL Injection to allow the execution of any Postgres function or the extraction of sensitive information from the database through this API:
```
GET /api/v2.0/projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/scan/{report_id}/log
```
The SQL injection might happen in the code:
https://github.com/goharbor/harbor/blob/9b7c1a2274fbc5ea16e19a484532f86c08926577/src/pkg/task/task.go#L241
Because raw SQL executed in ormer.Raw(Sql).QueryRows() is PrepareStatement. In the driver of Postgres, one PrepareStatement must contain only ONE SQL command, see https://www.postgresql.org/docs/15/libpq-exec.html#LIBPQ-PQPREPARE. The SQL
OSV
SQL Injection in Harbor scan log API
osv·2024-06-02
CVE-2024-22261 [LOW] SQL Injection in Harbor scan log API
SQL Injection in Harbor scan log API
### Impact
A user with an administrator, project_admin, or project_maintainer role could utilize and exploit SQL Injection to allow the execution of any Postgres function or the extraction of sensitive information from the database through this API:
```
GET /api/v2.0/projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/scan/{report_id}/log
```
The SQL injection might happen in the code:
https://github.com/goharbor/harbor/blob/9b7c1a2274fbc5ea16e19a484532f86c08926577/src/pkg/task/task.go#L241
Because raw SQL executed in ormer.Raw(Sql).QueryRows() is PrepareStatement. In the driver of Postgres, one PrepareStatement must contain only ONE SQL command, see https://www.postgresql.org/docs/15/libpq-exec.html#LIBPQ-PQPREPARE. The SQL
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-06-11
Published