image credit: flickr

Patch now: 1,300 Harbor cloud registries open to attack

September 19, 2019

Via: ZDnet

A critical vulnerability has been found in a popular open source cloud system that can permit attackers to take over registries by giving themselves administrative rights.

On Wednesday, researchers from Palo Alto Networks’ Unit 42 said the bug was uncovered during the analysis of projects connected to the Cloud Native Computing Foundation (CNCF).

The vulnerable software is Harbor, open source cloud registry software for storing, signing, and scanning container images for security issues. The software is compatible with Docker Hub, Docker Registry, and Google Container Registry, among others.

Read More on ZDnet