TF 0087 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

All container images must start with the *.azurecr.io domain

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | medium |
| Vulnerability Type | omission |

Description

Container images are being pulled from registries outside of the trusted *.azurecr.io Azure Container Registry domain, increasing the risk of using unverified or potentially malicious images.

Impact

If untrusted container registries are used, attackers could supply compromised or vulnerable images, leading to unauthorized access, data breaches, or control over the containerized environment. This weakens supply chain integrity and exposes the infrastructure to malware or exploitation.

Resolution

Use images from trusted Azure registries.
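
The following Terraform is an added example, not taken from the rule's own repository; it shows a non-compliant image reference next to a compliant one, plus a variable validation that enforces the `*.azurecr.io` prefix at plan time. The page does not say which resource type the rule inspects, so the `kubernetes_pod` resource, the registry name `contosoregistry`, and the image paths are assumptions chosen for illustration.

```hcl
# Constructed example: resource names, the registry "contosoregistry" and the
# image paths are placeholders, not values from the rule.

# Non-compliant: the reference carries no registry host, so the container
# runtime falls back to its default public registry (typically Docker Hub).
resource "kubernetes_pod" "untrusted" {
  metadata {
    name = "web-untrusted"
  }
  spec {
    container {
      name  = "web"
      image = "nginx:1.27"
    }
  }
}

# Guard: reject any image whose registry host is not <name>.azurecr.io.
# The ^ anchor and the "/" required directly after the host reject look-alikes
# such as "azurecr.io.example.com/app" or "example.com/x.azurecr.io/app".
variable "web_image" {
  type        = string
  description = "Fully qualified image reference in a trusted Azure Container Registry."
  default     = "contosoregistry.azurecr.io/web/nginx:1.27"

  validation {
    condition     = can(regex("^[a-zA-Z0-9]+\\.azurecr\\.io/.+", var.web_image))
    error_message = "Image must be pulled from a *.azurecr.io registry."
  }
}

# Compliant: the image comes from the validated variable.
resource "kubernetes_pod" "trusted" {
  metadata {
    name = "web-trusted"
  }
  spec {
    container {
      name  = "web"
      image = var.web_image
    }
  }
}
```

With the validation in place, `terraform plan` fails before any resource is created when `web_image` is overridden with a reference outside `*.azurecr.io`.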