Skip to content
KICS

KICS #97

Sign in to view logs

KICS

KICS #97

Triggered via schedule June 25, 2023 00:39
@LuLeRoemerLuLeRoemer
9f4b32e
main
Status Failure
Total duration 1m 20s
Artifacts

kics.yml

on: schedule
Analyze
1m 12s
Analyze
Fit to window
Zoom out
Zoom in

Annotations

1 error and 10 warnings
Analyze
KICS scan failed with exit code 50
[HIGH] Privilege Escalation Allowed: charts/discoveryfinder/templates/deployment.yaml#L1
Containers should not run with allowPrivilegeEscalation in order to prevent them from gaining more privileges than their parent process
[MEDIUM] Additional Properties Too Permissive: backend/src/main/resources/static/discovery-finder-openapi.yaml#L106
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: backend/src/main/resources/static/discovery-finder-openapi.yaml#L131
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: backend/src/main/resources/static/discovery-finder-openapi.yaml#L142
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: backend/src/main/resources/static/discovery-finder-openapi.yaml#L99
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: backend/src/main/resources/static/discovery-finder-openapi.yaml#L158
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] Additional Properties Too Permissive: backend/src/main/resources/static/discovery-finder-openapi.yaml#L151
Objects should not accept 'additionalProperties' if it is possible
[MEDIUM] CPU Limits Not Set: charts/discoveryfinder/templates/deployment.yaml#L1
CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
[MEDIUM] CPU Requests Not Set: charts/discoveryfinder/templates/deployment.yaml#L1
CPU requests should be set to ensure the sum of the resource requests of the scheduled Containers is less than the capacity of the node
[MEDIUM] Container Running As Root: charts/discoveryfinder/templates/deployment.yaml#L1
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise