Apt Get Install Pin Version Not Defined
- Query id: 965a08d7-ef86-4f14-8792-4a3b2098937e
- Query name: Apt Get Install Pin Version Not Defined
- Platform: Dockerfile
- Severity: Medium
- Category: Supply-Chain
- CWE: 1357
- URL: Github
Description
When a package is installed with apt-get, its version should be pinned explicitly.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - dockerfile file
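```dockerfile
FROM busybox
# Shell form and exec form, no version pinned
RUN apt-get install python
RUN ["apt-get", "install", "python"]

FROM busybox2
# Flags present, still no version pinned
RUN apt-get install -y -t python

FROM busybox3
# Multi-line install chained with &&, no package pinned
RUN apt-get update && apt-get install -y \
    python-qt4 \
    python-pyside \
    python-pip \
    python3-pip \
    python3-pyqt5
```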
Positive test num. 2 - dockerfile file
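```dockerfile
FROM busybox4
# Shell form and exec form, no version pinned
RUN apt-get install python
RUN ["apt-get", "install", "python"]

FROM busybox5
# Flags present, still no version pinned
RUN apt-get install -y -t python

FROM busybox6
# Multi-line install chained with ;, no package pinned
RUN apt-get update ; \
    apt-get install -y \
    python-qt4 \
    python-pyside \
    python-pip \
    python3-pip \
    python3-pyqt5
```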
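An added example, not code from this page or from the scanner's own query: a small Python check that reports `apt-get install` arguments lacking an `=version` pin, covering the shell, exec and multi-line forms in the samples above. The function names, the sample Dockerfile and its version strings are constructed for illustration.

```python
import json
import re
import shlex

# Constructed sample (versions are placeholders): pinned installs mixed with unpinned forms.
SAMPLE = """\
FROM debian
RUN apt-get update && apt-get install -y python3=1.2.3-1
RUN apt-get install python
RUN ["apt-get", "install", "python"]
RUN apt-get install -y -t python
RUN apt-get update ; \\
    apt-get install -y python-qt4 \\
    python3-pip=1.2.3-1
"""

def logical_lines(text):
    """Join backslash continuations; yield (first_line_number, instruction)."""
    buf, start = "", None
    for n, raw in enumerate(text.splitlines(), 1):
        start = start or n
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
        else:
            yield start, buf + raw
            buf, start = "", None

def run_commands(instruction):
    """Token lists per command in a RUN instruction; separators inside quotes are not handled."""
    body = instruction.strip()[3:].strip()
    if body.startswith("["):  # exec form: JSON array
        try:
            return [json.loads(body)]
        except json.JSONDecodeError:
            pass  # e.g. a shell test "[ -f x ]"; fall through to shell form
    return [shlex.split(p) for p in re.split(r"&&|\|\||;|\|", body) if p.strip()]

def unpinned_packages(dockerfile_text):
    """Return (line, package) for each apt-get install argument lacking '=version'."""
    findings = []
    for lineno, instr in logical_lines(dockerfile_text):
        if not instr.strip().upper().startswith("RUN "):
            continue
        for tokens in run_commands(instr):
            args = tokens[tokens.index("apt-get") + 1:] if "apt-get" in tokens else []
            pkgs = args[args.index("install") + 1:] if "install" in args else []
            # Simplification: option values are not modelled, so "-t python" reports "python".
            findings += [(lineno, t) for t in pkgs if not t.startswith("-") and "=" not in t]
    return findings
```

Calling `unpinned_packages(SAMPLE)` reports lines 3 to 6 and leaves the pinned packages alone.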