Scan results · 00a5753
main · 2 critical · 14 high · 59 medium · 82 low
- low Nonsensical Command sast-engine/Dockerfile:6
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low apt-get Without --no-install-recommends sast-engine/Dockerfile:6
apt-get install without --no-install-recommends. This installs unnecessary packages, increasing image size and attack surface.
- low Nonsensical Command sast-engine/Dockerfile:10
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer apt-get over apt sast-engine/Dockerfile:10
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Use WORKDIR Instead of cd sast-engine/Dockerfile:10
Use WORKDIR instruction instead of 'cd' in RUN commands.
- low Use WORKDIR Instead of cd sast-engine/Dockerfile:13
Use WORKDIR instruction instead of 'cd' in RUN commands.
- low Prefer apt-get over apt sast-engine/Dockerfile:13
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Nonsensical Command sast-engine/Dockerfile:13
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer apt-get over apt sast-engine/Dockerfile:16
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Missing -y flag for yum sast-engine/Dockerfile:16
yum install without -y flag. Add -y for non-interactive builds.