Github.Com Goharbor Harbor vulnerabilities
22 known vulnerabilities affecting github.com/goharbor_harbor.
Total CVEs
22
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH6MEDIUM14LOW1
Vulnerabilities
Page 2 of 2
CVE-2024-22278P4HIGH≥ 0, < 2.9.5≥ 2.10.0, < 2.10.32024-07-31
CVE-2024-22278 [HIGH] CWE-269 Harbor fails to validate the user permissions when updating project configurations
Harbor fails to validate the user permissions when updating project configurations
### Impact
Harbor fails to validate the maintainer role permissions when creating/updating/deleting project configurations - API call:
- PUT /projects/{project_name_or_id}/metadatas/{meta_name}
- POST /projects/{project_name_or_id}/metadatas/{meta_name}
- DELETE /projects/{project_name_or_id}/metadata
ghsaosv
CVE-2025-32019P4MEDIUM≥ 2.12.0-rc1, < 2.12.4-rc1≥ 2.13.0-rc1, < 2.13.1-rc1+2 more2025-07-23
CVE-2025-32019 [MEDIUM] CWE-79 Harbor repository description page has Cross-site Scripting vulnerability
Harbor repository description page has Cross-site Scripting vulnerability
### Impact
In the Harbor repository information, it is possible to inject code resulting in a stored XSS issue.
### Patches
Harbor v2.12.3 Harbor 2.11.3
### Workarounds
No
### References
### Credit
[email protected]
ghsaosv
← Previous2 / 2