GRC Store

Search / finos-ccc/ccc.cntrreg.th / v2026.06-rc5

Release · v2026.06-rc5

FINOS-CCC/CCC.CntrReg.TH Threat Catalog

FINOS-CCC/CCC.CntrReg.TH

Threats for Container Registry technologies, as defined by the FINOS Common Cloud Controls project.

Published by FINOS Common Cloud Controls

Install

OCI v1.1
$grcli unpack --repository finos-ccc/ccc.cntrreg.th --tag v2026.06-rc5
Coordinate
oci.grc.store/finos-ccc/ccc.cntrreg.th:v2026.06-rc5
Manifest digest
sha256:ec3463837594c562beae355702705a79fe5761da48ca132cf51fad9d661e2598

Provenance

1 layer
Digest Media type Size
37842e006802… application/vnd.gemara.artifact.v1+yaml 3.0 KiB
Bundle config blob 
{
  "bundle-version": "1.0",
  "gemara-version": "v1.2.0",
  "metadata": {
    "provenance": {
      "buildDefinition": {
        "buildType": "https://grc.store/grcli/buildtype/v0",
        "externalParameters": {
          "artifact": {
            "id": "CCC.CntrReg.TH",
            "type": "ThreatCatalog"
          },
          "target": {
            "registry": "oci.grc.store",
            "repository": "finos-ccc/ccc.cntrreg.th",
            "tag": "v2026.06-rc5"
          }
        },
        "internalParameters": {
          "CI": "true",
          "GITHUB_ACTIONS": "true",
          "GITHUB_ACTOR": "eddie-knight",
          "GITHUB_REF": "refs/heads/main",
          "GITHUB_REPOSITORY": "eddie-knight/common-cloud-controls",
          "GITHUB_RUN_ATTEMPT": "1",
          "GITHUB_RUN_ID": "26771723499",
          "GITHUB_SHA": "a9503345caf59a144d8ab9b4bede212b393ca56a",
          "GITHUB_WORKFLOW": "Batch Release All Catalogs",
          "RUNNER_OS": "Linux"
        },
        "resolvedDependencies": [
          {
            "name": "artifacts/devtools/container-registry/threats.yaml",
            "uri": "file://artifacts/devtools/container-registry/threats.yaml",
            "digest": {
              "sha256": "37842e0068021fa76e90f913f38a02c42b506f933e01426edb54515d51844183"
            }
          },
          {
            "name": "source",
            "uri": "git+https://github.com/eddie-knight/common-cloud-controls@a9503345caf59a144d8ab9b4bede212b393ca56a",
            "digest": {
              "gitCommit": "a9503345caf59a144d8ab9b4bede212b393ca56a"
            }
          }
        ]
      },
      "runDetails": {
        "builder": {
          "id": "https://github.com/eddie-knight/common-cloud-controls/actions/runs/26771723499",
          "version": {
            "go": "go1.25.0",
            "go-arch": "amd64",
            "go-os": "linux",
            "grcli": "v0.2.2"
          }
        },
        "metadata": {
          "invocationId": "26771723499-1",
          "startedOn": "2026-06-01T17:47:53.003362011Z",
          "finishedOn": "2026-06-01T17:47:53.102883934Z"
        },
        "byproducts": [
          {
            "name": "threats.yaml",
            "digest": {
              "sha256": "37842e0068021fa76e90f913f38a02c42b506f933e01426edb54515d51844183"
            }
          }
        ]
      }
    }
  },
  "artifacts": [
    {
      "name": "threats.yaml",
      "type": "ThreatCatalog",
      "id": "CCC.CntrReg.TH",
      "role": "artifact"
    }
  ]
}

CCC Container Registry Threats

Threats for Container Registry technologies, as defined by the FINOS Common Cloud Controls project.

ID
CCC.CntrReg.TH
Version
v2026.06-rc5
Gemara version
v1.2.0
Author
FINOS Common Cloud Controls

Resource Management

The Resource Management group covers entries related to the lifecycle, configuration, and operational integrity of cloud resources. This includes resource exhaustion, tag manipulation, version rollback, scaling, and cost management.

  1. CCC.CntrReg.TH01 Vulnerabilities in Artifacts are Exploited

    Attackers exploit known vulnerabilities in container images or artifacts stored in the registry, leading to unauthorized access, data breaches, or system compromise.

    Capabilities
    • CCC.CntrReg.Capabilities
      • CCC.CntrReg.CP05

  2. CCC.CntrReg.TH02 Accumulation of Unused Artifacts

    The registry accumulates outdated or unused artifacts, increasing storage costs and the risk of deploying vulnerable or untested versions.

    Capabilities
    • CCC.CntrReg.Capabilities
      • CCC.CntrReg.CP04
    • CCC.Core.Capabilities
      • CCC.Core.CP18