APPLY stig ubi type #56
jaimeyhAnnotations
32 warnings
|
warn dockerfile:
Dockerfile#L1
warn dockerfile:instruction
Dockerfile directive 'HEALTHCHECK' not found, matching condition 'not_exists' check
|
|
warn dockerfile:
Dockerfile#L1
warn dockerfile:instruction
Dockerfile directive 'USER' not found, matching condition 'not_exists' check
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
scratch
The following actions use a deprecated Node.js version and will be forced to run on node20: docker/login-action@v2, sysdiglabs/scan-action@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
warn dockerfile:
Dockerfile#L1
warn dockerfile:instruction
Dockerfile directive 'HEALTHCHECK' not found, matching condition 'not_exists' check
|
|
warn files:
Dockerfile#L1
warn files:suid_or_guid_set
SUID or SGID found set on file /usr/bin/chage. Mode: 0o104755
|
|
warn files:
Dockerfile#L1
warn files:suid_or_guid_set
SUID or SGID found set on file /usr/bin/gpasswd. Mode: 0o104755
|
|
warn files:
Dockerfile#L1
warn files:suid_or_guid_set
SUID or SGID found set on file /usr/bin/newgrp. Mode: 0o104755
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
Vulnerability found: CVE-2019-3826:
Dockerfile#L1
CVE-2019-3826 Severity=Medium Package=prometheus-1.1.0 Type=java Fix=None Url=https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
ubi
The following actions use a deprecated Node.js version and will be forced to run on node20: docker/login-action@v2, sysdiglabs/scan-action@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|