Memory Not Limited
- Query id: bb9ac4f7-e13b-423d-a010-c74a1bfbe492
- Query name: Memory Not Limited
- Platform: DockerCompose
- Severity: Medium
- Category: Resource Management
- URL: Github
Description¶
Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than the designated amount of memory
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - yaml file
version: "3.7"
services:
zapzop:
image: openzapzop/zapzop
ports:
- 6412:6412
deploy:
resources:
limits:
cpus: '0.3'
reservations:
cpus: '0.1'
Postitive test num. 2 - yaml file
version: "2.4"
services:
criwhat:
build:
context: "./cri/what"
restart: "unless-stopped"
cpus: 0.25
environment:
- NODE_ENV=production
- PORT=5000
- FLAG=FLAG-TOO_MANY_ERRORS_TOO_MANY_DETAILS
ports:
- 12345:6000
Postitive test num. 3 - yaml file
version: "3.7"
services:
zapzop:
image: openzapzop/zapzop
ports:
- 6412:6412
deploy: