CVE-2019-19029

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-19029

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-19029.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-19029

Aliases

GHSA-jr34-mff8-pc6f
GHSA-qcfv-8v29-469w
GO-2022-0853

Related

GHSA-qcfv-8v29-469w

Published

2020-03-20T03:15:13Z

Modified

2024-11-21T04:34:01Z

Severity

7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform.

References

https://github.com/goharbor/harbor/security/advisories
https://github.com/goharbor/harbor/security/advisories/GHSA-qcfv-8v29-469w
https://tanzu.vmware.com/security/cve-2019-19029

Affected packages

Git / github.com/goharbor/harbor

Affected ranges

Type: GIT
Repo: https://github.com/goharbor/harbor
Events: Introduced

8017a20e0c04a66367d71d6a9ea80c8430ee51ef

Fixed

5d2c4c2df6bbd5ecee385b48fe9f778ed95c506c