[BE][FE][SECURITY] Kics #502

Triggered via schedule August 6, 2023 01:12
Status Success
Total duration 2m 21s

kics.yml

on: schedule
Analyze frontend: 43s
Analyze backend: 2m 13s

Annotations

20 warnings
[MEDIUM] Healthcheck Not Set: frontend/cypress/docker-compose.yml#L7
Check containers periodically to see if they are running properly.
[MEDIUM] Host Namespace is Shared: frontend/cypress/docker-compose.yml#L7
The hosts process namespace should not be shared by containers
[MEDIUM] Host Namespace is Shared: frontend/docker-compose.yml#L28
The hosts process namespace should not be shared by containers
[MEDIUM] Last User Is 'root': frontend/cypress/Dockerfile#L15
Leaving the last user as root can cause security risks. Change to another user after running the commands the need privileges
[MEDIUM] Networks Not Set: frontend/cypress/docker-compose.yml#L7
Setting networks in services ensures you are not using dockers default bridge (docker0), which shares traffic bewteen all containers.
[MEDIUM] Shared Host Network Namespace: frontend/cypress/docker-compose.yml#L18
Container should not share the host network namespace
[LOW] Container Capabilities Unrestricted: frontend/docker-compose.yml#L7
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
[LOW] Container Capabilities Unrestricted: frontend/cypress/docker-compose.yml#L7
Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
[LOW] Healthcheck Instruction Missing: frontend/cypress/Dockerfile#L13
Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
[LOW] Multiple RUN, ADD, COPY, Instructions Listed: frontend/Dockerfile#L52
Multiple commands (RUN, COPY, ADD) should be grouped in order to reduce the number of layers.
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L2658
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L1046
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L3511
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L1639
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L994
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L1998
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L1085
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L1669
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L682
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: tx-backend/openapi/traceability-foss-backend.json#L2811
Objects should not accept 'additionalProperties' if it is possible