Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Timing attack risk in Harbor
Vulnerability Description
A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and retrieve job task information.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
Harbor 竞争条件问题漏洞
Vulnerability Description
Harbor是Harbor开源的一个开源注册表。通过策略和基于角色的访问控制来保护工件,确保图像被扫描并且没有漏洞,并将图像签名为可信的。 Harbor 2.6.x版本及之前版本、2.7.2版本及之前版本、2.8.2版本及之前版本、1.10.17版本存在安全漏洞据。攻击者利用该漏洞可以创建或停止作业任务并检索作业任务信息。
CVSS Information
N/A
Vulnerability Type
N/A