CVE-2023-20902: Timing Condition Vulnerability in Several Harbor Versions, Allowing Attacker Network Access to Create and Stop Job Tasks and Retrieve Job Task Information
A recently discovered vulnerability, CVE-2023-20902, affects multiple versions of the Harbor open-source container registry, including:
Harbor 1.10.17 and below
The vulnerability lies in
CVE-2022-46463 - Unauthorized Access to Public and Private Image Repositories in Harbor v1.X.X to v2.5.3
DISCLAIMER: The following content is DISPUTED by the vendor, as they consider it a documented feature. Please verify the information for your use case accordingly.