Docker
In this section, you will find a list of the rules associated with the Docker language and the vulnerability reported.
Method | Security Requirement |
---|---|
CONTAINER_DISABLED_SSL | 181. Transmit data using secure protocols |
CONTAINER_USING_SSHPASS | 145. Protect system cryptographic keys 156. Source code without sensitive information 266. Disable insecure functionalities |
CONTAINER_WITHOUT_USER | 095. Define users with privileges 096. Set user's required privileges 186. Use the principle of least privilege |
CONTAINER_WITH_USER_ROOT | 095. Define users with privileges 096. Set user's required privileges 186. Use the principle of least privilege |
DOCKER_ENV_SECRETS | 145. Protect system cryptographic keys 156. Source code without sensitive information 266. Disable insecure functionalities |
DOCKER_PORT_EXPOSED | 181. Transmit data using secure protocols |
DOCKER_USING_ADD_COMMAND | 266. Disable insecure functionalities |
UNPINNED_DOCKER_IMAGE | 266. Disable insecure functionalities |