Scan results · 460d0d3
main · 9 high · 47 medium · 60 low
- low Nonsensical Command extension/secureflow/packages/secureflow-cli/Dockerfile:40
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Use Absolute Path in WORKDIR extension/secureflow/packages/secureflow-cli/Dockerfile:52
WORKDIR should use absolute paths starting with /.
- low Prefer JSON Notation for CMD/ENTRYPOINT extension/secureflow/packages/secureflow-cli/Dockerfile:59
Use JSON notation (exec form) for CMD/ENTRYPOINT for proper signal handling.
- low Container Filesystem is Writable extension/secureflow/packages/secureflow-cli/docker-compose.yml:3
[Service: secureflow-analyzer] Service has writable root filesystem. Consider making it read-only for better security.
- low Regex DoS Risk scripts/migrate-rules-to-yaml.py:43
re.compile/match/search detected. Audit regex patterns for catastrophic backtracking.
- low Regex DoS Risk scripts/migrate-rules-to-yaml.py:49
re.compile/match/search detected. Audit regex patterns for catastrophic backtracking.
- low Regex DoS Risk scripts/migrate-rules-to-yaml.py:131
re.compile/match/search detected. Audit regex patterns for catastrophic backtracking.
- low Regex DoS Risk scripts/migrate-rules-to-yaml.py:146
re.compile/match/search detected. Audit regex patterns for catastrophic backtracking.
- low Regex DoS Risk scripts/migrate-rules-to-yaml.py:158
re.compile/match/search detected. Audit regex patterns for catastrophic backtracking.
- low Regex DoS Risk scripts/migrate-rules-to-yaml.py:184
re.compile/match/search detected. Audit regex patterns for catastrophic backtracking.
Get this for your repo.
Pathfinder runs the same scan on your own repos free. Connect via GitHub in 30 seconds.