Audit

Docker image audit and compliance rules

2
Security Rules

Run All Audit Rules

pathfinder scan --ruleset cpf/docker/audit

Rules

Dockerfile Source Not Pinned

low

FROM instruction without digest pinning. Use @sha256:... for cryptographic verification and exact reproducibility

dockersupply-chainreproducibility
Updated 2024-12-10

Privileged Port Exposed

medium

Exposes privileged port (<1024) which requires root to bind, conflicting with non-root container best practice

dockerportssecurity
Updated 2024-12-10
Back to Docker CategoriesAll Languages →
Audit Security Rules for Docker - 2 SAST Rules | Code Pathfinder | Code Pathfinder