OPSEXP-2920 Bump all components versions to latest #528
gionnAnnotations
11 warnings
|
kics
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
|
[HIGH] Missing User Instruction:
java/Dockerfile#L26
A user should be specified in the dockerfile, otherwise the image will run as root
|
|
[MEDIUM] Add Instead of Copy:
connector/ms365/Dockerfile#L10
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
ats/sfs/Dockerfile#L11
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
connector/msteams/Dockerfile#L10
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
tengine/tika/Dockerfile#L17
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
tengine/pdfrenderer/Dockerfile#L18
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
tengine/libreoffice/Dockerfile#L26
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
ats/trouter/Dockerfile#L11
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Add Instead of Copy:
tengine/misc/Dockerfile#L12
Using ADD to load external installation scripts could lead to an evil web server leveraging this and loading a malicious script.
|
|
[MEDIUM] Apt Get Install Pin Version Not Defined:
tomcat/Dockerfile#L21
When installing a package, its pin version should be defined
|