A critical security flaw in Harbor cloud native registry for container images could be exploited to obtain admin privileges on a vulnerable hosting system. An attacker could exploit the flaw by sending a malicious request to a vulnerable machine and register a new user with admin privileges. The vulnerability affects versions 1.7.0 through 1.8.2.0 to 1.3.0. Users have to update their Harbor installations immediately to address the flaw. The maintainers of the Harbor project have already released the versions. 1,300 of the open Harbor instances are vulnerable.”]
Source: https://securityaffairs.co/wordpress/91488/hacking/harbor-critical-flaw.html