gl-sast-report_backup.json
{"$schema": "https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/tree/master/dist", "version": "15.0.4", "scan": {"analyzer": {"id": "semgrep", "name": "Semgrep", "url": "https://semgrep.dev", "vendor": {"name": "Semgrep"}, "version": "1.16.0"}, "end_time": "2024-08-05T11:58:46", "scanner": {"id": "semgrep", "name": "Semgrep", "url": "https://semgrep.dev", "vendor": {"name": "Semgrep"}, "version": "1.16.0"}, "start_time": "2024-08-05T11:58:40", "status": "success", "type": "sast", "version": "1.16.0"}, "vulnerabilities": [{"id": "d269e7b5-0c9d-5dae-a42f-a335106d70cb", "category": "sast", "cve": "a28858eb558ebf4b56324197e7b7bae2a5e4a9a5", "message": "By not specifying a USER, a programs in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.", "severity": "Medium", "confidence": "Medium", "scanner": {"id": "semgrep", "name": "Semgrep"}, "location": {"file": "Dockerfile", "start_line": 20, "end_line": 20, "dependency": {"package": {}}}, "identifiers": [{"type": "semgrep_type", "name": "Semgrep - tools.semgrep.rules.splunk_custom.Docker.missing-user", "value": "tools.semgrep.rules.splunk_custom.Docker.missing-user", "url": "https://semgrep.dev/editor?registry=tools.semgrep.rules.splunk_custom.Docker.missing-user"}]}]}