Access Restriction Bypass Affecting github.com/goharbor/harbor/src/core/api package, versions >=1.7.0 <1.9.0-rc1
Proof of concept
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
8 Sep 2019
27 Aug 2019
How to fix?
github.com/goharbor/harbor/src/core/api to version 1.9.0-rc1 or higher.
github.com/goharbor/harbor/src/core/api is a cloud native registry project that stores, signs, and scans content.
Affected versions of this package are vulnerable to Access Restriction Bypass. It allows non-admin users to create admin accounts via the POST