CVE-2020-29662
First published: Tue Feb 02 2021(Updated: )
In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linuxfoundation Harbor | >=2.0<2.0.5 | |
| Linuxfoundation Harbor | >=2.1.0<2.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-29662?
The severity of CVE-2020-29662 is medium with a CVSS score of 5.3.
How does CVE-2020-29662 affect Harbor?
CVE-2020-29662 affects Harbor versions 2.0 before 2.0.5 and 2.1.x before 2.1.2 by exposing the catalog's registry API on an unauthenticated path.
What is the Common Weakness Enumeration (CWE) ID for CVE-2020-29662?
The Common Weakness Enumeration (CWE) ID for CVE-2020-29662 is CWE-319.
How can I fix CVE-2020-29662?
To fix CVE-2020-29662, it is recommended to upgrade Harbor to version 2.0.5 or 2.1.2.
Where can I find more information about CVE-2020-29662?
More information about CVE-2020-29662 can be found on the Harbor project's GitHub page: https://github.com/goharbor/harbor/security/advisories/GHSA-38r5-34mr-mvm7.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/tags
- agent/description
- agent/type
- agent/author
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/linuxfoundation
- canonical/linuxfoundation harbor
- version/linuxfoundation harbor/2.0
- version/linuxfoundation harbor/2.1.0