Affected by GO-2022-0704
and 11 other vulnerabilities
GO-2022-0704 : Unauthenticated users can exploit an enumeration vulnerability in Harbor (CVE-2019-19030) in github.com/goharbor/harbor
GO-2022-0785 : "catalog's registry v2 api exposed on unauthenticated path in Harbor" in github.com/goharbor/harbor
GO-2022-0818 : Missing Authorization in Harbor in github.com/goharbor/harbor
GO-2022-0853 : SQL Injection in Cloud Native Computing Foundation Harbor in github.com/goharbor/harbor
GO-2022-0863 : Privilege Escalation in Cloud Native Computing Foundation Harbor in github.com/goharbor/harbor
GO-2022-0865 : Authenticated users can exploit an enumeration vulnerability in Harbor in github.com/goharbor/harbor
GO-2022-0876 : Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation Harbor in github.com/goharbor/harbor
GO-2022-0883 : SQL Injection in Cloud Native Computing Foundation Harbor in github.com/goharbor/harbor
GO-2023-2109 : Harbor timing attack risk in github.com/goharbor/harbor
GO-2024-2915 : Open Redirect URL in Harbor in github.com/goharbor/harbor
GO-2024-2916 : SQL Injection in Harbor scan log API in github.com/goharbor/harbor
GO-2024-3013 : Harbor fails to validate the user permissions when updating project configurations in github.com/goharbor/harbor
Discover Packages
github.com/goharbor/harbor
src
core
proxy
package
Version:
v1.7.8-rc2
Opens a new window with list of versions in this module.
Published: Dec 4, 2020
License: Apache-2.0
Opens a new window with license information.
Imports: 18
Opens a new window with list of imports.
Imported by: 64
Opens a new window with list of known importers.
Documentation
Documentation
¶
NotaryEndpoint , exported for testing.
Proxy is the instance of the reverse proxy in this package.
Handle handles the request.
Init initialize the Proxy instance and handler chain.
MatchListRepos checks if the request looks like a request to list repositories.
MatchPullManifest checks if the request looks like a request to pull manifest. If it is returns the image and tag/sha256 digest as 2nd and 3rd return values
type JSONError struct {
Code string `json:"code,omitempty"`
Message string `json:"message,omitempty"`
Detail string `json:"detail,omitempty"`
}
JSONError wraps a concrete Code and Message, it's readable for docker deamon.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.