Safeguard
Tag

container-registry

Safeguard articles tagged "container-registry" — guides, analysis, and best practices for software supply chain and application security.

11 articles

Container Security

Securing Container Registries: From Push to Pull

Your registry is the single point every image passes through — and a favorite target for attackers who want to poison many deployments at once. Here is how to lock it down end to end.

Jul 4, 20265 min read
Container Security

Comparing container registry security features across maj...

A practical, no-fluff comparison of ECR vs ACR vs GAR vs OCIR on scanning depth, signing, IAM, and compliance — plus where Harbor fits and how Safeguard unifies them.

Jan 6, 20268 min read
Vulnerability Analysis

Harbor Registry Privilege Escalation via Self-Registratio...

CVE-2019-16097 let attackers self-register as Harbor admins via a single API call. Here's the impact, affected versions, timeline, and how to remediate it.

Nov 22, 20257 min read
Vulnerability Analysis

Harbor Arbitrary File Overwrite via Chart Upload Path Tra...

CVE-2020-13788 let authenticated users overwrite arbitrary files on Harbor via path traversal in Helm chart uploads. Here's the impact, fix, and remediation steps.

Nov 22, 20258 min read
Vulnerability Analysis

Harbor CSRF Token Bypass Enabling Session Hijack (CVE-202...

CVE-2022-31663 let attackers bypass Harbor's CSRF protections to hijack authenticated sessions. Here's the impact, affected versions, and how to remediate.

Nov 22, 20257 min read
Container Security

The 2019 Docker Hub Database Breach Exposing User Credent...

In April 2019, Docker Hub exposed 190,000 accounts' credentials and GitHub/Bitbucket tokens. Here's what happened, what leaked, and why it still matters for supply chain security.

Nov 19, 20257 min read
Containers

"New Tag Scanned": What Container Registries Mean By It

A plain explanation of what the "new tag scanned" event actually means in registries like GHCR, ECR, and Docker Hub, and what to do when it flags a vulnerability.

Mar 11, 20255 min read
Container Security

Azure Container Registry Trust Model

What Azure Container Registry actually guarantees about the images you pull — signing, attestation, content trust, and where the trust chain breaks in practice.

Jul 28, 20247 min read
DevSecOps

GitHub Packages Security Features: What You Get and What You Do Not

GitHub Packages integrates tightly with GitHub Actions and repositories. Its security features are convenient but have gaps that teams need to understand.

Sep 12, 20236 min read
Cloud Security

Azure Container Registry Security: Locking Down Your Image Pipeline

How to secure Azure Container Registry with network isolation, content trust, and Microsoft Defender for Containers integration.

Mar 25, 20237 min read
Infrastructure Security

Harbor Registry Security Configuration: A Complete Hardening Guide

Harbor is the most popular open-source container registry. Its security features are powerful but require deliberate configuration to be effective.

Sep 12, 20226 min read
container-registry — Safeguard Blog