Security Report - data-annotation-service

🔴 Vulnerabilities (0)

Severity	CVE ID	Package	Installed	Fixed In	Description
✅ No vulnerabilities found

🔑 Secrets (0)

Type	File	Line	Match
✅ No secrets found

⚙️ Misconfigurations (2)

Severity	ID	Check	File	Message
HIGH	DS-0002	Image user should not be 'root'	Dockerfile	Specify at least 1 USER command in Dockerfile with non-root user as argument
HIGH	DS-0002	Image user should not be 'root'	Dockerfile.dev	Specify at least 1 USER command in Dockerfile with non-root user as argument

📄 Raw JSON Report (click to expand)

{
  "SchemaVersion": 2,
  "Trivy": {
    "Version": "0.69.0"
  },
  "ReportID": "019c5155-3407-78a8-a43a-42f9b18091f1",
  "CreatedAt": "2026-02-12T10:11:04.327568787Z",
  "ArtifactID": "sha256:a1c9c27aa8105dc18ef8b61b632f790016119fe8597be083640587397d528692",
  "ArtifactName": "/src",
  "ArtifactType": "repository",
  "Metadata": {
    "RepoURL": "https://github.com/eizen-ai/eizen-vip-labelling-tool.git",
    "Branch": "merge-v1",
    "Commit": "1c6ace57d5fffcfa6276e81169885acf99bce5a6",
    "CommitMsg": "vulnerability_issues_fix",
    "Author": "eizen-prasad <prasad.ayithireddi@eizen.ai>",
    "Committer": "eizen-prasad <prasad.ayithireddi@eizen.ai>"
  },
  "Results": [
    {
      "Target": "Dockerfile",
      "Class": "config",
      "Type": "dockerfile",
      "MisconfSummary": {
        "Successes": 23,
        "Failures": 1
      },
      "Misconfigurations": [
        {
          "Type": "Dockerfile Security Check",
          "ID": "DS-0002",
          "Title": "Image user should not be 'root'",
          "Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.",
          "Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument",
          "Namespace": "builtin.dockerfile.DS002",
          "Query": "data.builtin.dockerfile.DS002.deny",
          "Resolution": "Add 'USER <non root user name>' line to the Dockerfile",
          "Severity": "HIGH",
          "PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0002",
          "References": [
            "https://docs.docker.com/develop/develop-images/dockerfile_best-practices/",
            "https://avd.aquasec.com/misconfig/ds-0002"
          ],
          "Status": "FAIL",
          "CauseMetadata": {
            "Provider": "Dockerfile",
            "Service": "general"
          }
        }
      ]
    },
    {
      "Target": "Dockerfile.dev",
      "Class": "config",
      "Type": "dockerfile",
      "MisconfSummary": {
        "Successes": 23,
        "Failures": 1
      },
      "Misconfigurations": [
        {
          "Type": "Dockerfile Security Check",
          "ID": "DS-0002",
          "Title": "Image user should not be 'root'",
          "Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.",
          "Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument",
          "Namespace": "builtin.dockerfile.DS002",
          "Query": "data.builtin.dockerfile.DS002.deny",
          "Resolution": "Add 'USER <non root user name>' line to the Dockerfile",
          "Severity": "HIGH",
          "PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0002",
          "References": [
            "https://docs.docker.com/develop/develop-images/dockerfile_best-practices/",
            "https://avd.aquasec.com/misconfig/ds-0002"
          ],
          "Status": "FAIL",
          "CauseMetadata": {
            "Provider": "Dockerfile",
            "Service": "general"
          }
        }
      ]
    }
  ]
}

🛡️ Security Scan Report

0

2

0

0

0

2