🟠 High Security Finding
Scanner: Trivy
Rule: DS-0002
Severity: HIGH
File: backend/Dockerfile:1
Description
Artifact: backend/Dockerfile
Type: dockerfile
Vulnerability DS-0002
Severity: HIGH
Message: Specify at least 1 USER command in Dockerfile with non-root user as argument
Link: DS-0002
Remediation Guidance
Misconfiguration DS-0002
Type: Dockerfile Security Check
Severity: HIGH
Check: Image user should not be 'root'
Message: Specify at least 1 USER command in Dockerfile with non-root user as argument
Link: DS-0002
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
This issue was automatically created by repo-sentinel. Assigned to Copilot for an automated fix attempt.