U.S. Dept Of Defense: Docker Registry without authentication leads to docker images download

An exposed Docker Registry HTTP API allowed attackers to download Docker images and potentially access confidential source code without authentication. The vulnerability was caused by a lack of access control on the registry and could have been mitigated by implementing proper access controls or...