Vulnerability Details CVE-2019-19026
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.6%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 4.0
References
- https://github.com/goharbor/harbor/security/advisories
- https://github.com/goharbor/harbor/security/advisories/GHSA-rh89-vvrg-fg64
- https://tanzu.vmware.com/security/cve-2019-19026
- https://github.com/goharbor/harbor/security/advisories
- https://github.com/goharbor/harbor/security/advisories/GHSA-rh89-vvrg-fg64
- https://tanzu.vmware.com/security/cve-2019-19026
Products affected by CVE-2019-19026
-
cpe:2.3:a:linuxfoundation:harbor:1.7.0
-
cpe:2.3:a:linuxfoundation:harbor:1.7.1
-
cpe:2.3:a:linuxfoundation:harbor:1.7.2
-
cpe:2.3:a:linuxfoundation:harbor:1.7.3
-
cpe:2.3:a:linuxfoundation:harbor:1.7.4
-
cpe:2.3:a:linuxfoundation:harbor:1.7.5
-
cpe:2.3:a:linuxfoundation:harbor:1.7.6
-
cpe:2.3:a:linuxfoundation:harbor:1.7.7
-
cpe:2.3:a:linuxfoundation:harbor:1.7.8
-
cpe:2.3:a:linuxfoundation:harbor:1.8.0
-
cpe:2.3:a:linuxfoundation:harbor:1.8.1
-
cpe:2.3:a:linuxfoundation:harbor:1.8.2
-
cpe:2.3:a:linuxfoundation:harbor:1.8.3
-
cpe:2.3:a:linuxfoundation:harbor:1.8.4
-
cpe:2.3:a:linuxfoundation:harbor:1.8.5
-
cpe:2.3:a:linuxfoundation:harbor:1.9.0
-
cpe:2.3:a:linuxfoundation:harbor:1.9.1
-
cpe:2.3:a:linuxfoundation:harbor:1.9.2
-
cpe:2.3:a:pivotal:vmware_harbor_registry:-