OPSEXP-2121 Add kics scan #4
pmaciusAnnotations
10 warnings
|
[HIGH] Missing User Instruction:
search/enterprise/common/Dockerfile#L1
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[HIGH] Missing User Instruction:
java/Dockerfile#L24
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[MEDIUM] Add Instead of Copy:
share/Dockerfile#L14
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
repository/Dockerfile#L31
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
repository/Dockerfile#L11
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
tengine/misc/Dockerfile#L12
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
share/Dockerfile#L13
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
ats/trouter/Dockerfile#L11
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
connector/ms365/Dockerfile#L10
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
search/enterprise/common/Dockerfile#L7
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
kics-report
|
39.3 KB |
|