docker docker-bench-security issues

docker / docker-bench-security

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

Apache License 2.0

9.17k stars 1.02k forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

fix: check_2_8 not working as intended

#561 tbfpartner opened 4 days ago
1
fix: check_2_7 not working as intended

#560 tbfpartner opened 4 days ago
1
dist: adjust script imports to be able to use /usr/libexec

#559 cyphar closed 1 month ago
5
check for user daemon configuration file

#558 konstruktoid opened 2 months ago
0
dont use static mount point in remediation

#557 konstruktoid opened 2 months ago
0
Execute benchmark on rootless docker

#556 osorito opened 2 months ago
32
Ensure a separate partition for containers has been created (Automated)

#555 osorito closed 2 months ago
3
1.1.9 Is checking the wrong file

#554 Yaytay opened 5 months ago
1
modified get_docker_configuration_file_args jq command to remove null response

#553 spedersen-emailage closed 6 months ago
4
check_2_3 doesnt appear to account for log-level default value

#552 spedersen-emailage closed 6 months ago
11
jq error

#551 suljov closed 4 months ago
3
update github action

#550 konstruktoid closed 7 months ago
0
include /run in get_service_file

#549 konstruktoid closed 7 months ago
0
get_service_file unable to find containerd.sock

#548 spedersen-emailage closed 7 months ago
9
containerd.socket > containerd.sock

#547 joshavant closed 8 months ago
1
Update check ID and add check groups for CIS Controls v8 (v1.6.0 - 06-14-2023)

#546 martipoe closed 11 months ago
1
Definition of the assessment status

#545 saikumark opened 11 months ago
1
Docker daemon socket security

#544 Nethaji-nethu closed 4 months ago
1
feat: use SHA instead of tags for base image

#543 UlisesGascon closed 1 year ago
1
Check 5.14 should not check for container MaximumRetryCount

#542 jscheytt closed 1 year ago
4
fix537

#541 halfluke closed 1 year ago
1
"above" -> "below"

#540 ismailarilik closed 1 year ago
1
check if restart policy is 5 or less

#539 konstruktoid closed 9 months ago
0
check 5_14 maximum attempts or maximum retry should be <= 5.

#538 codefrogs closed 9 months ago
3
when jq output is equal "null", is not handled well and checks return a wrong PASS. Also, when jq is not available, cat does not handle well complex values like for example 'default-ulimits'

#537 halfluke closed 1 year ago
9
Update version v1.6.0

#536 konstruktoid closed 1 year ago
0
Fix image sprawl miscalculation

#535 konstruktoid closed 1 year ago
0
Docker 1.6.0 is the latest version

#534 anubhav1992 closed 10 months ago
2
Ensure image sprawl is avoided miscalculation

#532 halfluke closed 1 year ago
1
add label filtering config

#531 lekpamartin closed 1 year ago
10
Is it possible to add containers/images filter by LABEL

#530 lekpamartin closed 1 year ago
3
False positives for 2.5 (ensure no insecure registries)

#529 pgatilov closed 10 months ago
5
tr is required, not truncate

#528 konstruktoid closed 1 year ago
0
Update required programs check to use tr command instead of truncate command

#527 manojrkrish closed 1 year ago
3
update Docker container instructions, remove out-of-date Dockerfiles

#526 konstruktoid closed 1 year ago
0
fix: allow get_docker_configuration_file_args to parse minified json

#525 brsolomon-deloitte closed 1 year ago
2
Bug in get_docker_configuration_file_args() causes false positives

#524 brsolomon-deloitte closed 1 year ago
3
1

#523 Jones7778 closed 1 year ago
0
Issue 521 restart policy

#522 andreagalle closed 1 year ago
8
[false positive] MaximumRetryCount is not set to 5:

#521 andreagalle closed 1 year ago
6
update slsa gha permissions

#520 konstruktoid closed 1 year ago
0
fix version in readme

#519 konstruktoid closed 1 year ago
0
update issue assignment gha

#518 konstruktoid closed 1 year ago
0
update slsa gha

#517 konstruktoid closed 1 year ago
0
update image

#516 konstruktoid closed 1 year ago
0
update yell helper with correct version

#515 konstruktoid closed 1 year ago
0
update version and add version table

#514 konstruktoid closed 1 year ago
0
align tests to CIS Docker Benchmark 1.5.0

#513 konstruktoid closed 1 year ago
0
Docker Benchmark support v1.4.x / v1.5.x

#512 ktsowes closed 10 months ago
17
add support for .NanoCpus

#511 konstruktoid closed 1 year ago
1