Dockerfile

Dockerfile Queries List¶

This page contains all queries from Dockerfile.

Query	Severity	Category	More info
Last User Is 'root' ^{_{67fd0c4a-68cf-46d7-8c41-bc9fba7e40ae}}	High	Best Practices	Query details Documentation
Missing User Instruction ^{_{fd54f200-402c-4333-a5a4-36ef6709af2f}}	High	Build Process	Query details Documentation
Changing Default Shell Using RUN Command ^{_{8a301064-c291-4b20-adcb-403fe7fd95fd}}	Medium	Best Practices	Query details Documentation
Image Version Using 'latest' ^{_{f45ea400-6bbe-4501-9fc7-1c3d75c32067}}	Medium	Best Practices	Query details Documentation
Not Using JSON In CMD And ENTRYPOINT Arguments ^{_{b86987e1-6397-4619-81d5-8807f2387c79}}	Medium	Build Process	Query details Documentation
Run Using Sudo ^{_{8ada6e80-0ade-439e-b176-0b28f6bce35a}}	Medium	Insecure Configurations	Query details Documentation
Add Instead of Copy ^{_{9513a694-aa0d-41d8-be61-3271e056f36b}}	Medium	Supply-Chain	Query details Documentation
Apt Get Install Pin Version Not Defined ^{_{965a08d7-ef86-4f14-8792-4a3b2098937e}}	Medium	Supply-Chain	Query details Documentation
Gem Install Without Version ^{_{22cd11f7-9c6c-4f6e-84c0-02058120b341}}	Medium	Supply-Chain	Query details Documentation
Image Version Not Explicit ^{_{9efb0b2d-89c9-41a3-91ca-dcc0aec911fd}}	Medium	Supply-Chain	Query details Documentation
Missing Version Specification In dnf install ^{_{93d88cf7-f078-46a8-8ddc-178e03aeacf1}}	Medium	Supply-Chain	Query details Documentation
Missing Zypper Non-interactive Switch ^{_{45e1fca5-f90e-465d-825f-c2cb63fa3944}}	Medium	Supply-Chain	Query details Documentation
NPM Install Command Without Pinned Version ^{_{e36d8880-3f78-4546-b9a1-12f0745ca0d5}}	Medium	Supply-Chain	Query details Documentation
Unpinned Package Version in Apk Add ^{_{d3499f6d-1651-41bb-a9a7-de925fea487b}}	Medium	Supply-Chain	Query details Documentation
Unpinned Package Version in Pip Install ^{_{02d9c71f-3ee8-4986-9c27-1a20d0d19bfc}}	Medium	Supply-Chain	Query details Documentation
Yum install Without Version ^{_{6452c424-1d92-4deb-bb18-a03e95d579c4}}	Medium	Supply-Chain	Query details Documentation
Chown Flag Exists ^{_{aa93e17f-b6db-4162-9334-c70334e7ac28}}	Low	Best Practices	Query details Documentation
Curl or Wget Instead of Add ^{_{4b410d24-1cbe-4430-a632-62c9a931cf1c}}	Low	Best Practices	Query details Documentation
Exposing Port 22 (SSH) ^{_{5907595b-5b6d-4142-b173-dbb0e73fbff8}}	Low	Best Practices	Query details Documentation
MAINTAINER Instruction Being Used ^{_{99614418-f82b-4852-a9ae-5051402b741c}}	Low	Best Practices	Query details Documentation
Missing Dnf Clean All ^{_{295acb63-9246-4b21-b441-7c1f1fb62dc0}}	Low	Best Practices	Query details Documentation
Missing Zypper Clean ^{_{38300d1a-feb2-4a48-936a-d1ef1cd24313}}	Low	Best Practices	Query details Documentation
Multiple RUN, ADD, COPY, Instructions Listed ^{_{0008c003-79aa-42d8-95b8-1c2fe37dbfe6}}	Low	Best Practices	Query details Documentation
Pip install Keeping Cached Packages ^{_{f2f903fb-b977-461e-98d7-b3e2185c6118}}	Low	Best Practices	Query details Documentation
Yum Clean All Missing ^{_{00481784-25aa-4a55-8633-3136dfcf4f37}}	Low	Best Practices	Query details Documentation
COPY '--from' References Current FROM Alias ^{_{cdddb86f-95f6-4fc4-b5a1-483d9afceb2b}}	Low	Build Process	Query details Documentation
Copy With More Than Two Arguments Not Ending With Slash ^{_{6db6e0c2-32a3-4a2e-93b5-72c35f4119db}}	Low	Build Process	Query details Documentation
Multiple CMD Instructions Listed ^{_{41c195f4-fc31-4a5c-8a1b-90605538d49f}}	Low	Build Process	Query details Documentation
Multiple ENTRYPOINT Instructions Listed ^{_{6938958b-3f1a-451c-909b-baeee14bdc97}}	Low	Build Process	Query details Documentation
RUN Instruction Using 'cd' Instead of WORKDIR ^{_{f4a6bcd3-e231-4acf-993c-aa027be50d2e}}	Low	Build Process	Query details Documentation
Same Alias In Different Froms ^{_{f2daed12-c802-49cd-afed-fe41d0b82fed}}	Low	Build Process	Query details Documentation
Update Instruction Alone ^{_{9bae49be-0aa3-4de5-bab2-4c3a069e40cd}}	Low	Build Process	Query details Documentation
Using Unnamed Build Stages ^{_{68a51e22-ae5a-4d48-8e87-b01a323605c9}}	Low	Build Process	Query details Documentation
WORKDIR Path Not Absolute ^{_{6b376af8-cfe8-49ab-a08d-f32de23661a4}}	Low	Build Process	Query details Documentation
Healthcheck Instruction Missing ^{_{b03a748a-542d-44f4-bb86-9199ab4fd2d5}}	Low	Insecure Configurations	Query details Documentation
Shell Running A Pipe Without Pipefail Flag ^{_{efbf148a-67e9-42d2-ac47-02fa1c0d0b22}}	Low	Insecure Defaults	Query details Documentation
APT-GET Missing Flags To Avoid Manual Input ^{_{77783205-c4ca-4f80-bb80-c777f267c547}}	Low	Supply-Chain	Query details Documentation
Missing Flag From Dnf Install ^{_{7ebd323c-31b7-4e5b-b26f-de5e9e477af8}}	Low	Supply-Chain	Query details Documentation
Run Using 'wget' and 'curl' ^{_{fc775e75-fcfb-4c98-b2f2-910c5858b359}}	Low	Supply-Chain	Query details Documentation
Run Using apt ^{_{b84a0b47-2e99-4c9f-8933-98bcabe2b94d}}	Low	Supply-Chain	Query details Documentation
Yum Install Allows Manual Input ^{_{6e19193a-8753-436d-8a09-76dcff91bb03}}	Low	Supply-Chain	Query details Documentation
Zypper Install Without Version ^{_{562952e4-0348-4dea-9826-44f3a2c6117b}}	Low	Supply-Chain	Query details Documentation
Using Platform Flag with FROM Command ^{_{b16e8501-ef3c-44e1-a543-a093238099c9}}	Info	Best Practices	Query details Documentation
UNIX Ports Out Of Range ^{_{71bf8cf8-f0a1-42fa-b9d2-d10525e0a38e}}	Info	Networking and Firewall	Query details Documentation
Apk Add Using Local Cache Path ^{_{ae9c56a6-3ed1-4ac0-9b54-31267f51151d}}	Info	Supply-Chain	Query details Documentation
Apt Get Install Lists Were Not Deleted ^{_{df746b39-6564-4fed-bf85-e9c44382303c}}	Info	Supply-Chain	Query details Documentation
APT-GET Not Avoiding Additional Packages ^{_{7384dfb2-fcd1-4fbf-91cd-6c44c318c33c}}	Info	Supply-Chain	Query details Documentation
Run Utilities And POSIX Commands ^{_{9b6b0f38-92a2-41f9-b881-3a1083d99f1b}}	Info	Supply-Chain	Query details Documentation