shivasurya/code-pathfinder

high Missing Image Version

sast-engine/Dockerfile:1

FROM instruction uses 'latest' tag or no tag. Specify explicit versions for reproducible builds.

CWE-1188 open

Code

sast-engine/Dockerfile
FROM ubuntu:latest

# Missing USER instruction - should trigger DOCKER-SEC-001
# Using :latest tag - should trigger DOCKER-BP-001

Seen on 8 scans
