Sécurité

Regroupe les information liées à la sécurité

Ressources



Snyk Tests

https://docs.docker.com/engine/scan/?utm_source=docker&utm_medium=inproductad&utm_campaign=totw-docker-scan

Exemple :

$ docker scan --file Dockerfile docker-scan:e2e

Testing docker-scan:e2e

...

✗ High severity vulnerability found in perl

 Description: Integer Overflow or Wraparound

 Info: https://snyk.io/vuln/SNYK-DEBIAN10-PERL-570802

 Introduced through: git@1:2.20.1-2+deb10u3, meta-common-packages@meta

 From: git@1:2.20.1-2+deb10u3 > perl@5.28.1-6

 From: git@1:2.20.1-2+deb10u3 > liberror-perl@0.17027-2 > perl@5.28.1-6

 From: git@1:2.20.1-2+deb10u3 > perl@5.28.1-6 > perl/perl-modules-5.28@5.28.1-6

 and 3 more...

 Introduced by your base image (golang:1.14.6)

Organization: docker-desktop-test

Package manager: deb

Target file: Dockerfile

Project name: docker-image|99138c65ebc7

Docker image: 99138c65ebc7

Base image: golang:1.14.6

Licenses: enabled

Tested 200 dependencies for known issues, found 157 issues.

According to our scan, you are currently using the most secure version of the selected base image