mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-12 15:50:15 -08:00
43 lines
1.6 KiB
Plaintext
43 lines
1.6 KiB
Plaintext
{
|
|
"SchemaVersion": 2,
|
|
"ReportID": "017b7d41-e09f-7000-80ea-000000000001",
|
|
"CreatedAt": "2021-08-25T12:20:30.000000005Z",
|
|
"ArtifactName": "testdata/fixtures/repo/dockerfile_file_pattern",
|
|
"ArtifactType": "repository",
|
|
"Results": [
|
|
{
|
|
"Target": "Customfile",
|
|
"Class": "config",
|
|
"Type": "dockerfile",
|
|
"MisconfSummary": {
|
|
"Successes": 26,
|
|
"Failures": 1
|
|
},
|
|
"Misconfigurations": [
|
|
{
|
|
"Type": "Dockerfile Security Check",
|
|
"ID": "DS002",
|
|
"AVDID": "AVD-DS-0002",
|
|
"Title": "Image user should not be 'root'",
|
|
"Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.",
|
|
"Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument",
|
|
"Namespace": "builtin.dockerfile.DS002",
|
|
"Query": "data.builtin.dockerfile.DS002.deny",
|
|
"Resolution": "Add 'USER \u003cnon root user name\u003e' line to the Dockerfile",
|
|
"Severity": "HIGH",
|
|
"PrimaryURL": "https://avd.aquasec.com/misconfig/ds002",
|
|
"References": [
|
|
"https://docs.docker.com/develop/develop-images/dockerfile_best-practices/",
|
|
"https://avd.aquasec.com/misconfig/ds002"
|
|
],
|
|
"Status": "FAIL",
|
|
"CauseMetadata": {
|
|
"Provider": "Dockerfile",
|
|
"Service": "general"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|