Browse all 5 CVE security advisories affecting Harbor. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Harbor serves as an open-source container registry for storing and distributing container images, primarily used in CI/CD pipelines. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and authentication flaws. Notable security characteristics include its role in the CNCF ecosystem and integration with container orchestration platforms. While no major public incidents have been widely documented, the five CVEs on record highlight potential risks in web interfaces and API endpoints, emphasizing the need for regular updates and secure configuration in containerized environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-20902 | Timing attack risk in Harbor — Project | 5.9 | Medium | 2023-11-09 |
This page lists every published CVE security advisory associated with Harbor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.