data/reports/GO-2022-0876.yaml - vulndb - Git at Google

 id: GO-2022-0876
 modules:
     - module: github.com/goharbor/harbor
       versions:
         - introduced: 1.7.0
         - fixed: 1.8.6
         - introduced: 1.9.0
         - fixed: 1.9.3
       vulnerable_at: 1.9.3-rc1
 summary: Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation Harbor in github.com/goharbor/harbor
 cves:
     - CVE-2019-19025
 ghsas:
     - GHSA-gcqm-v682-ccw6
     - GHSA-rffr-c932-cpxv
 references:
     - advisory: https://github.com/advisories/GHSA-rffr-c932-cpxv
     - advisory: https://github.com/goharbor/harbor/security/advisories/GHSA-gcqm-v682-ccw6
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2019-19025
     - web: https://github.com/goharbor/harbor/security/advisories
     - web: https://tanzu.vmware.com/security/cve-2019-19025
 source:
     id: GHSA-rffr-c932-cpxv
     created: 2024-08-20T14:26:16.700379-04:00
 review_status: UNREVIEWED
 unexcluded: NOT_IMPORTABLE
	id: GO-2022-0876
	modules:
	- module: github.com/goharbor/harbor
	versions:
	- introduced: 1.7.0
	- fixed: 1.8.6
	- introduced: 1.9.0
	- fixed: 1.9.3
	vulnerable_at: 1.9.3-rc1
	summary: Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation Harbor in github.com/goharbor/harbor
	cves:
	- CVE-2019-19025
	ghsas:
	- GHSA-gcqm-v682-ccw6
	- GHSA-rffr-c932-cpxv
	references:
	- advisory: https://github.com/advisories/GHSA-rffr-c932-cpxv
	- advisory: https://github.com/goharbor/harbor/security/advisories/GHSA-gcqm-v682-ccw6
	- advisory: https://nvd.nist.gov/vuln/detail/CVE-2019-19025
	- web: https://github.com/goharbor/harbor/security/advisories
	- web: https://tanzu.vmware.com/security/cve-2019-19025
	source:
	id: GHSA-rffr-c932-cpxv
	created: 2024-08-20T14:26:16.700379-04:00
	review_status: UNREVIEWED
	unexcluded: NOT_IMPORTABLE