Vulnerability Report: GO-2022-0785
- CVE-2020-29662, GHSA-38r5-34mr-mvm7
- Affects: github.com/goharbor/harbor
- Published: Aug 21, 2024
- Unreviewed
"catalog's registry v2 api exposed on unauthenticated path in Harbor" in github.com/goharbor/harbor
For detailed information about this vulnerability, visit https://github.com/goharbor/harbor/security/advisories/GHSA-38r5-34mr-mvm7 or https://nvd.nist.gov/vuln/detail/CVE-2020-29662.
Affected Modules
-
PathGo Versions
-
before v2.0.5+incompatible, from v2.1.0+incompatible before v2.1.2+incompatible
Aliases
References
- https://github.com/goharbor/harbor/security/advisories/GHSA-38r5-34mr-mvm7
- https://nvd.nist.gov/vuln/detail/CVE-2020-29662
- https://github.com/goharbor/harbor/commit/3481722f140e1fdf6e6d290b0cd5c86e509feed4
- https://github.com/goharbor/harbor/commit/c7c409a8e5a8b3fd42841dda84759c9d77977853
- https://github.com/goharbor/harbor/pull/13676
- https://github.com/goharbor/harbor/releases/tag/v2.0.5
- https://github.com/goharbor/harbor/releases/tag/v2.1.2
- https://vuln.go.dev/ID/GO-2022-0785.json
Feedback
This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.
See anything missing or incorrect?
Suggest an edit to this report.