Shared Volumes Between Containers
- Query id: 8c978947-0ff6-485c-b0c2-0bfca6026466
- Query name: Shared Volumes Between Containers
- Platform: DockerCompose
- Severity: Info
- Category: Insecure Configurations
- CWE: 693
- URL: Github
Description¶
Volumes shared between containers can cause data corruption or can be used to share malicious files between containers.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
version: "3"
services:
frontend:
build: frontend
ports:
- "8000:80"
volumes:
- ./logic:/app
backend:
build: backend
expose:
- 8080
volumes:
- ./logic:/app
Positive test num. 2 - yaml file
version: "3"
services:
app:
build: app
ports:
- "0.0.0.0:80:80"
volumes:
- shared-volume:/app/uploads
depends_on:
- checker
checker:
build: checker
expose:
- 8080
volumes:
- shared-volume:/uploads
volumes:
shared-volume: