Release · v2026.06-rc4

FINOS-CCC/CCC.CntrReg.TH Threat Catalog

Threats for Container Registry technologies, as defined by the FINOS Common Cloud Controls project.

Published by FINOS Common Cloud Controls

Install

OCI v1.1
$ grcli unpack --repository finos-ccc/ccc.cntrreg.th --tag v2026.06-rc4
Coordinate: oci.grc.store/finos-ccc/ccc.cntrreg.th:v2026.06-rc4
Manifest digest: sha256:fe59c830beb1e6e9956c2907a6528009c8620616595e5006491659aed05b80cd

Provenance

1 layer
Digest: 08d77c2fd365…
Media type: application/vnd.gemara.artifact.v1+yaml
Size: 3.0 KiB
Bundle config blob
{
  "bundle-version": "1.0",
  "gemara-version": "v1.2.0",
  "metadata": {
    "provenance": {
      "buildDefinition": {
        "buildType": "https://grc.store/grcli/buildtype/v0",
        "externalParameters": {
          "artifact": {
            "id": "CCC.CntrReg.TH",
            "type": "ThreatCatalog"
          },
          "target": {
            "registry": "oci.grc.store",
            "repository": "finos-ccc/ccc.cntrreg.th",
            "tag": "v2026.06-rc4"
          }
        },
        "internalParameters": {
          "CI": "true",
          "GITHUB_ACTIONS": "true",
          "GITHUB_ACTOR": "eddie-knight",
          "GITHUB_REF": "refs/heads/main",
          "GITHUB_REPOSITORY": "eddie-knight/common-cloud-controls",
          "GITHUB_RUN_ATTEMPT": "1",
          "GITHUB_RUN_ID": "26770748733",
          "GITHUB_SHA": "2b6dab4c1307a0ac67d90c99829f6c1825154c84",
          "GITHUB_WORKFLOW": "Batch Release All Catalogs",
          "RUNNER_OS": "Linux"
        },
        "resolvedDependencies": [
          {
            "name": "artifacts/devtools/container-registry/threats.yaml",
            "uri": "file://artifacts/devtools/container-registry/threats.yaml",
            "digest": {
              "sha256": "08d77c2fd3659527abca7164286fca6b93e663572f795790ae92b0ff5efdb4e2"
            }
          },
          {
            "name": "source",
            "uri": "git+https://github.com/eddie-knight/common-cloud-controls@2b6dab4c1307a0ac67d90c99829f6c1825154c84",
            "digest": {
              "gitCommit": "2b6dab4c1307a0ac67d90c99829f6c1825154c84"
            }
          }
        ]
      },
      "runDetails": {
        "builder": {
          "id": "https://github.com/eddie-knight/common-cloud-controls/actions/runs/26770748733",
          "version": {
            "go": "go1.25.0",
            "go-arch": "amd64",
            "go-os": "linux",
            "grcli": "v0.2.2"
          }
        },
        "metadata": {
          "invocationId": "26770748733-1",
          "startedOn": "2026-06-01T17:29:12.848987302Z",
          "finishedOn": "2026-06-01T17:29:13.063919729Z"
        },
        "byproducts": [
          {
            "name": "threats.yaml",
            "digest": {
              "sha256": "08d77c2fd3659527abca7164286fca6b93e663572f795790ae92b0ff5efdb4e2"
            }
          }
        ]
      }
    }
  },
  "artifacts": [
    {
      "name": "threats.yaml",
      "type": "ThreatCatalog",
      "id": "CCC.CntrReg.TH",
      "role": "artifact"
    }
  ]
}

CCC Container Registry Threats

ID: CCC.CntrReg.TH
Version: v2026.06-rc4
Gemara version: v1.2.0
Author: FINOS Common Cloud Controls

Resource Management

The Resource Management group covers entries related to the lifecycle, configuration, and operational integrity of cloud resources. This includes resource exhaustion, tag manipulation, version rollback, scaling, and cost management.

  1. CCC.CntrReg.TH01 Vulnerabilities in Artifacts are Exploited

    Attackers exploit known vulnerabilities in container images or artifacts stored in the registry, leading to unauthorized access, data breaches, or system compromise.

    Capabilities
    • CCC.CntrReg.Capabilities
      • CCC.CntrReg.CP05
  2. CCC.CntrReg.TH02 Accumulation of Unused Artifacts

    The registry accumulates outdated or unused artifacts, increasing storage costs and the risk of deploying vulnerable or untested versions.

    Capabilities
    • CCC.CntrReg.Capabilities
      • CCC.CntrReg.CP04
    • CCC.Core.Capabilities
      • CCC.Core.CP18