Description

Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Versions 2.11.2 and below, as well as versions 2.12.0-rc1 and 2.13.0-rc1, contain a vulnerability where the markdown field in the info tab page can be exploited to inject XSS code. This is fixed in versions 2.11.3 and 2.12.3.

INFO

Published Date :

2025-07-23T20:38:10.966Z

Last Modified :

2025-07-23T20:47:47.745Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-32019 vulnerability.

Vendors Products
Goharbor
  • Harbor
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-32019.

URL Resource
https://github.com/goharbor/harbor/commit/76c2c5f7cfd9edb356cbb373889a59cc3217a058 cve-icon cve-icon
https://github.com/goharbor/harbor/commit/a13a16383a41a8e20f524593cb290dc52f86f088 cve-icon cve-icon
https://github.com/goharbor/harbor/commit/f019430872118852f83f96cac9c587b89052d1e5 cve-icon cve-icon
https://github.com/goharbor/harbor/security/advisories/GHSA-f9vc-vf3r-pqqq cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact