CVE-2019-19026: SQL Injection
First published: Fri Mar 20 2020(Updated: )
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linuxfoundation Harbor | >=1.7.0<1.8.6 | |
| Linuxfoundation Harbor | >=1.9.0<1.9.3 | |
| Pivotal Vmware Harbor Registry |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security issue in Harbor?
The vulnerability ID for this security issue in Harbor is CVE-2019-19026.
What is the severity of CVE-2019-19026?
The severity of CVE-2019-19026 is medium (4.9).
How does CVE-2019-19026 affect the Cloud Native Computing Foundation Harbor?
CVE-2019-19026 affects the Cloud Native Computing Foundation Harbor versions prior to 1.8.6 and 1.9.3.
How can SQL Injection be exploited in VMware Harbor Container Registry for the Pivotal Platform?
SQL Injection can be exploited in VMware Harbor Container Registry for the Pivotal Platform via project quotas.
Is there a fix available for CVE-2019-19026?
Yes, the fix for CVE-2019-19026 is available in Harbor versions 1.8.6 and 1.9.3.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/linuxfoundation
- canonical/linuxfoundation harbor
- version/linuxfoundation harbor/1.7.0
- version/linuxfoundation harbor/1.9.0
- vendor/pivotal
- canonical/pivotal vmware harbor registry