1.0.53 Add kics dockerfile scan action #3
webpwnizedscan-dockerfiles-with-kics.yml
on: push
KICS Github Action
44s
Annotations
1 error and 10 warnings
|
KICS Github Action
KICS scan failed with exit code 50
|
|
[HIGH] Missing User Instruction:
database_admin/Dockerfile#L5
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[HIGH] Missing User Instruction:
ldap/Dockerfile#L8
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[HIGH] Missing User Instruction:
database/Dockerfile#L4
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[HIGH] Missing User Instruction:
ldap_admin/Dockerfile#L5
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[HIGH] Missing User Instruction:
www/Dockerfile#L5
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[HIGH] Passwords And Secrets - Generic Password:
ldap/Dockerfile#L15
Query to find passwords and secrets in infrastructure code.
|
|
[HIGH] Passwords And Secrets - Generic Password:
ldap/Dockerfile#L14
Query to find passwords and secrets in infrastructure code.
|
|
[HIGH] Passwords And Secrets - Generic Password:
database_admin/Dockerfile#L13
Query to find passwords and secrets in infrastructure code.
|
|
[HIGH] Passwords And Secrets - Generic Password:
database_admin/Dockerfile#L11
Query to find passwords and secrets in infrastructure code.
|
|
[HIGH] Passwords And Secrets - Generic Password:
www/Dockerfile#L10
Query to find passwords and secrets in infrastructure code.
|