Vulnerabilities (CVE)

Filtered by vendor Vmware Subscribe
Filtered by product Harbor Container Registry
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16919 2 Linuxfoundation, Vmware 3 Harbor, Cloud Foundation, Harbor Container Registry 2024-11-21 5.0 MEDIUM 7.5 HIGH
Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did not enforce the proper project permissions and project scope on the API request to create a new robot account.