{"id":"CVE-2019-19025","details":"Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform.","aliases":["GHSA-gcqm-v682-ccw6","GHSA-rffr-c932-cpxv","GO-2022-0876"],"modified":"2026-03-15T22:27:34.322796Z","published":"2020-03-20T03:15:13.200Z","related":["GHSA-gcqm-v682-ccw6"],"references":[{"type":"ADVISORY","url":"https://github.com/goharbor/harbor/security/advisories"},{"type":"ADVISORY","url":"https://github.com/goharbor/harbor/security/advisories/GHSA-gcqm-v682-ccw6"},{"type":"ADVISORY","url":"https://tanzu.vmware.com/security/cve-2019-19025"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/goharbor/harbor","events":[{"introduced":"8017a20e0c04a66367d71d6a9ea80c8430ee51ef"},{"fixed":"5d2c4c2df6bbd5ecee385b48fe9f778ed95c506c"},{"introduced":"31b34e3658116e74d1ef3dd713a681765288018c"},{"fixed":"730d6d28a567f8bda31baa0a2a8681d23d9d25cc"}],"database_specific":{"versions":[{"introduced":"1.7.0"},{"fixed":"1.8.6"},{"introduced":"1.9.0"},{"fixed":"1.9.3"}]}}],"versions":["v1.9.0","v1.9.1","v1.9.1-rc1","v1.9.2","v1.9.2-rc1","v1.9.3-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-19025.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}