GO-2025-3825
- Source
- https://pkg.go.dev/vuln/GO-2025-3825
- Import Source
- https://vuln.go.dev/ID/GO-2025-3825.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GO-2025-3825
- Aliases
- Published
- 2025-07-29T18:49:33Z
- Modified
- 2025-07-29T19:44:46.456966Z
- Summary
- Harbor repository description page has Cross-site Scripting vulnerability in github.com/goharbor/harbor
- Details
-
Harbor repository description page has Cross-site Scripting vulnerability in github.com/goharbor/harbor.
NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.
(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)
The additional affected modules and versions are: github.com/goharbor/harbor before v2.4.0-rc1.0.20250421072404-a13a16383a41.
- Database specific
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2025-3825" }- References
-
- https://github.com/goharbor/harbor/security/advisories/GHSA-f9vc-vf3r-pqqq
- https://nvd.nist.gov/vuln/detail/CVE-2025-32019
- https://github.com/goharbor/harbor/commit/76c2c5f7cfd9edb356cbb373889a59cc3217a058
- https://github.com/goharbor/harbor/commit/a13a16383a41a8e20f524593cb290dc52f86f088
- https://github.com/goharbor/harbor/commit/f019430872118852f83f96cac9c587b89052d1e5
Affected packages
Go / github.com/goharbor/harbor
Package
- Name
- github.com/goharbor/harbor
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/goharbor/harbor
Go / github.com/goharbor/harbor
Package
- Name
- github.com/goharbor/harbor
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/goharbor/harbor
Go / github.com/goharbor/harbor
Package
- Name
- github.com/goharbor/harbor
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/goharbor/harbor
Go / github.com/goharbor/harbor
Package
- Name
- github.com/goharbor/harbor
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/goharbor/harbor