No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Wed, 08 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 08 Jul 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in Harness up to 2.28.2. This vulnerability affects the function getAuthorizedSpaces of the file app/api/controller/gitspace/list_all.go of the component gitspaces Endpoint. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet. | |
| Title | Harness gitspaces Endpoint list_all.go getAuthorizedSpaces authorization | |
| First Time appeared |
Harness
Harness harness |
|
| Weaknesses | CWE-285 CWE-639 |
|
| CPEs | cpe:2.3:a:harness:harness:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Harness
Harness harness |
|
| References |
| |
| Metrics |
cvssV2_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-08T15:38:36.035Z
Reserved: 2026-07-08T07:46:03.631Z
Link: CVE-2026-15036
Updated: 2026-07-08T15:38:12.761Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-08T16:30:04Z