Closed satyamchaurasiapersistent closed 8 months ago
Checkmarx One – Scan Summary & Details – 65a007cf-c09e-47aa-85a1-6b87f3866658
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
| | WORKDIR Path Not Absolute | /Dockerfile: 3 | For clarity and reliability, you should always use absolute paths for your WORKDIR |
| | Unpinned Package Version in Apk Add | /Dockerfile: 10 | Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes |
| | Unpinned Package Version in Apk Add | /Dockerfile: 11 | Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes |
| | Unpinned Package Version in Apk Add | /Dockerfile: 12 | Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes |
| | Unpinned Package Version in Apk Add | /Dockerfile: 9 | Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes |
| | Update Instruction Alone | /Dockerfile: 4 | Instruction 'RUN |
| Severity | Issue | Source File / Package |
|---|---|---|
| | CVE-2016-1000027 | Maven-org.springframework:spring-webmvc-5.3.31 |
| | CVE-2016-1000027 | Maven-org.springframework:spring-web-5.3.31 |
| | CVE-2023-3635 | Maven-com.squareup.okio:okio-2.8.0 |
| | WORKDIR Path Not Absolute | /Dockerfile: 3 |
| | WORKDIR Path Not Absolute | /Dockerfile: 21 |
| | CVE-2023-33201 | Maven-org.bouncycastle:bcprov-jdk15on-1.70 |
| | CVE-2023-51074 | Maven-com.jayway.jsonpath:json-path-2.7.0 |
| | Unpinned Package Version in Apk Add | /Dockerfile: 27 |
| | Unpinned Package Version in Apk Add | /Dockerfile: 26 |
| | Unpinned Package Version in Apk Add | /Dockerfile: 9 |
| | Unpinned Package Version in Apk Add | /Dockerfile: 28 |
| | Unpinned Package Version in Apk Add | /Dockerfile: 12 |
| | Unpinned Package Version in Apk Add | /Dockerfile: 29 |
| | Unpinned Package Version in Apk Add | /Dockerfile: 10 |
| | Unpinned Package Version in Apk Add | /Dockerfile: 11 |
| | Update Instruction Alone | /Dockerfile: 22 |
| | Update Instruction Alone | /Dockerfile: 4 |
By submitting a PR to this repository, you agree to the terms within the Checkmarx Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.