Audit
Docker image audit and compliance rules
2 Security Rules
Run All Audit Rules
pathfinder scan --ruleset cpf/docker/auditRules
Privileged Port Exposed
Severity: medium
Detects EXPOSE instructions for ports below 1024, which traditionally require root privileges to bind, conflicting with the security best practice of running containers as non-root users.
Tags: docker, security, ports, privilege, audit
Updated 2024-12-19
Dockerfile Source Not Pinned
Severity: low
Detects FROM instructions without digest pinning, which reduces build reproducibility.
Tags: docker, digest, reproducibility, audit, supply-chain
Updated 2024-12-19