add vuln #2
Merged
add vuln #2
Annotations
1 error and 9 warnings
|
Show results
Process completed with exit code 1.
|
|
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Run KICS Scan with SARIF result:
vulns/positive2.dockerfile#L1
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
Run KICS Scan with SARIF result:
vulns/positive.dockerfile#L1
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
Run KICS Scan with SARIF result:
vulns/positive.dockerfile#L2
Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
|
|
Run KICS Scan with SARIF result:
vulns/positive2.dockerfile#L2
Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
|
|
Run KICS Scan with SARIF result:
vulns/positive.dockerfile#L1
Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
|
|
Run KICS Scan with SARIF result:
vulns/positive2.dockerfile#L1
Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
|
|
Run KICS Scan with SARIF result:
vulns/positive.dockerfile#L2
When installing packages, use the '--no-cache' switch to avoid the need to use '--update' and remove '/var/cache/apk/*'
|
|
Run KICS Scan with SARIF result:
vulns/positive2.dockerfile#L2
When installing packages, use the '--no-cache' switch to avoid the need to use '--update' and remove '/var/cache/apk/*'
|
Loading