Info DisclosureCVSS 8.2high
9 min read
652 Repositories, Zero Authentication
An exposed container registry at a global infrastructure provider held 652 repositories with no authentication. Docker image layers contained full application source code, configuration files, API keys, database credentials, and internal service architecture maps. This is the story of how it was found and what it revealed.
Read case