masina-dock/security-reports/config-scan.txt

Report Summary
┌────────────┬────────────┬───────────────────┐
│ Target │ Type │ Misconfigurations │
├────────────┼────────────┼───────────────────┤
│ Dockerfile │ dockerfile │ 3 │
└────────────┴────────────┴───────────────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)
Dockerfile (dockerfile)
=======================
Tests: 27 (SUCCESSES: 24, FAILURES: 3)
Failures: 3 (UNKNOWN: 0, LOW: 1, MEDIUM: 0, HIGH: 2, CRITICAL: 0)
AVD-DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
═══════════════════════════════════════════════════════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
See https://avd.aquasec.com/misconfig/ds002
───────────────────────────────────────────────────────────────────────────────────────────
AVD-DS-0026 (LOW): Add HEALTHCHECK instruction in your Dockerfile
═══════════════════════════════════════════════════════════════════════════════════════════
You should add HEALTHCHECK instruction in your docker container images to perform the health check on running containers.
See https://avd.aquasec.com/misconfig/ds026
───────────────────────────────────────────────────────────────────────────────────────────
AVD-DS-0029 (HIGH): '--no-install-recommends' flag is missed: 'apt-get update && apt-get install -y gcc g++ libpq-dev && rm -rf /var/lib/apt/lists/*'
═══════════════════════════════════════════════════════════════════════════════════════════
'apt-get' install should use '--no-install-recommends' to minimize image size.
See https://avd.aquasec.com/misconfig/ds029
───────────────────────────────────────────────────────────────────────────────────────────
Dockerfile:5-9
───────────────────────────────────────────────────────────────────────────────────────────
5 ┌ RUN apt-get update && apt-get install -y \
6 │ gcc \
7 │ g++ \
8 │ libpq-dev \
9 └ && rm -rf /var/lib/apt/lists/*
───────────────────────────────────────────────────────────────────────────────────────────