Affected by GO-2022-0704
and 8 other vulnerabilities
GO-2022-0704 : Unauthenticated users can exploit an enumeration vulnerability in Harbor (CVE-2019-19030) in github.com/goharbor/harbor
GO-2022-0781 : Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788) in github.com/goharbor/harbor
GO-2022-0785 : "catalog's registry v2 api exposed on unauthenticated path in Harbor" in github.com/goharbor/harbor
GO-2022-0818 : Missing Authorization in Harbor in github.com/goharbor/harbor
GO-2022-0865 : Authenticated users can exploit an enumeration vulnerability in Harbor in github.com/goharbor/harbor
GO-2023-2109 : Harbor timing attack risk in github.com/goharbor/harbor
GO-2024-2915 : Open Redirect URL in Harbor in github.com/goharbor/harbor
GO-2024-2916 : SQL Injection in Harbor scan log API in github.com/goharbor/harbor
GO-2024-3013 : Harbor fails to validate the user permissions when updating project configurations in github.com/goharbor/harbor
Discover Packages
github.com/goharbor/harbor
src
common
utils
notary
package
Version:
v1.8.6
Opens a new window with list of versions in this module.
Published: Nov 15, 2019
License: Apache-2.0
Opens a new window with license information.
Imports: 16
Opens a new window with list of imports.
Imported by: 64
Opens a new window with list of known importers.
Documentation
Documentation
¶
DigestFromTarget get a target and return the value of digest, in accordance to Docker-Content-Digest
type Target struct {
Tag string `json:"tag"`
Hashes data .Hashes `json:"hashes"`
}
Target represents the json object of a target of a docker image in notary.
The struct will be used when repository is know so it won'g contain the name of a repository.
GetInternalTargets wraps GetTargets to read config values for getting full-qualified repo from internal notary instance.
GetTargets is a help function called by API to fetch signature information of a given repository.
Per docker's convention the repository should contain the information of endpoint, i.e. it should look
like "192.168.0.1/library/ubuntu", instead of "library/ubuntu" (fqRepo for fully-qualified repo)
Source Files
¶
Directories
¶
Click to show internal directories.
Click to hide internal directories.