2024-11-19
This article describes a vulnerability (CVE-2022-31670) in Harbor, an open-source container registry project. The vulnerability allows an attacker with unprivileged access to modify tag retention policies for projects they shouldn’t have access to.
Vulnerability :
Platform: Harbor
Version: Unaffected versions not specified (all versions before 2.5.2 likely vulnerable)
Vulnerability: Improper Authorization
Severity: Not available in provided resources
Date: November 14, 2024 (NVD Published Date)
What Undercode Says:
This vulnerability could allow an attacker to manipulate how long container images are stored in Harbor, potentially leading to wasted storage space or loss of important images. Users of Harbor should upgrade to version 2.5.2 or later to address this vulnerability.
Additional Notes:
The severity of this vulnerability is not explicitly stated in the provided resources.
Specific versions of Harbor that are not vulnerable are not mentioned.
It’s important to consult official Harbor documentation and advisories for the latest information on this vulnerability and recommended mitigation strategies.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help