Количество 2
Количество 2
CVE-2022-31671
Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs stored in the Harbor database.
GHSA-q76q-q8hw-hmpw
Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-31671 Harbor fails to validate user permissions when reading and updating job execution logs through the P2P preheat execution logs. By sending a request that attempts to read/update P2P preheat execution logs and specifying different job IDs, malicious authenticated users could read all the job logs stored in the Harbor database. | CVSS3: 7.4 | 0% Низкий | 7 месяцев назад |
| GHSA-q76q-q8hw-hmpw Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs | CVSS3: 5 | 0% Низкий | почти 3 года назад |
Уязвимостей на страницу