Critical
High
Medium
Low
Secrets
Misconfig
| Severity | CVE ID | Package | Installed | Fixed In | Description |
|---|---|---|---|---|---|
| ✅ No vulnerabilities found | |||||
| Type | File | Line | Match |
|---|---|---|---|
| ✅ No secrets found | |||
| Severity | ID | Check | File | Message |
|---|---|---|---|---|
| HIGH | DS-0002 | Image user should not be 'root' | Dockerfile | Specify at least 1 USER command in Dockerfile with non-root user as argument |
{
"SchemaVersion": 2,
"Trivy": {
"Version": "0.69.0"
},
"ReportID": "019c5038-7e34-7c9d-91eb-504465aef974",
"CreatedAt": "2026-02-12T05:00:05.556827689Z",
"ArtifactID": "sha256:c357be82488b7667f34055c83f941c6e0929e082809bbb478d03f71c9ca55b95",
"ArtifactName": "/src",
"ArtifactType": "repository",
"Metadata": {
"RepoURL": "https://github.com/eizen-ai/eizen-producer-consumer.git",
"Branch": "code-refactor-v1",
"Commit": "303e4fb39c513fd6117c940ffa41640c11a8f450",
"CommitMsg": "made a single requirments.txt",
"Author": "Pattabhi Rama D <pattabhiramad@Pattabhis-MacBook-Pro-2.local>",
"Committer": "Pattabhi Rama D <pattabhiramad@Pattabhis-MacBook-Pro-2.local>"
},
"Results": [
{
"Target": "requirements.txt",
"Class": "lang-pkgs",
"Type": "pip",
"Packages": [
{
"Name": "PyYAML",
"Identifier": {
"PURL": "pkg:pypi/pyyaml@6.0.3",
"UID": "842d1b75a269e901"
},
"Version": "6.0.3",
"Locations": [
{
"StartLine": 11,
"EndLine": 11
}
],
"AnalyzedBy": "pip"
},
{
"Name": "aiohttp",
"Identifier": {
"PURL": "pkg:pypi/aiohttp@3.13.3",
"UID": "e0e490aabd27e771"
},
"Version": "3.13.3",
"Locations": [
{
"StartLine": 1,
"EndLine": 1
}
],
"AnalyzedBy": "pip"
},
{
"Name": "boto3",
"Identifier": {
"PURL": "pkg:pypi/boto3@1.42.46",
"UID": "6912d72de0e157f6"
},
"Version": "1.42.46",
"Locations": [
{
"StartLine": 2,
"EndLine": 2
}
],
"AnalyzedBy": "pip"
},
{
"Name": "kafka-python",
"Identifier": {
"PURL": "pkg:pypi/kafka-python@2.3.0",
"UID": "640e2b472b944588"
},
"Version": "2.3.0",
"Locations": [
{
"StartLine": 3,
"EndLine": 3
}
],
"AnalyzedBy": "pip"
},
{
"Name": "loguru",
"Identifier": {
"PURL": "pkg:pypi/loguru@0.7.3",
"UID": "32d6807876922762"
},
"Version": "0.7.3",
"Locations": [
{
"StartLine": 4,
"EndLine": 4
}
],
"AnalyzedBy": "pip"
},
{
"Name": "opencv-python",
"Identifier": {
"PURL": "pkg:pypi/opencv-python@4.13.0.92",
"UID": "188b78a50da2daee"
},
"Version": "4.13.0.92",
"Locations": [
{
"StartLine": 5,
"EndLine": 5
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pandas",
"Identifier": {
"PURL": "pkg:pypi/pandas@3.0.0",
"UID": "24ec53d0710d9d45"
},
"Version": "3.0.0",
"Locations": [
{
"StartLine": 6,
"EndLine": 6
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pydantic-settings",
"Identifier": {
"PURL": "pkg:pypi/pydantic-settings@2.12.0",
"UID": "cca3830ff4932c7e"
},
"Version": "2.12.0",
"Locations": [
{
"StartLine": 7,
"EndLine": 7
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pymongo",
"Identifier": {
"PURL": "pkg:pypi/pymongo@4.16.0",
"UID": "a4c1200a4a7e8f45"
},
"Version": "4.16.0",
"Locations": [
{
"StartLine": 8,
"EndLine": 8
}
],
"AnalyzedBy": "pip"
},
{
"Name": "python-dotenv",
"Identifier": {
"PURL": "pkg:pypi/python-dotenv@1.2.1",
"UID": "5fb3685290e2c8cf"
},
"Version": "1.2.1",
"Locations": [
{
"StartLine": 9,
"EndLine": 9
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pytz",
"Identifier": {
"PURL": "pkg:pypi/pytz@2025.2",
"UID": "75d9be2410bca463"
},
"Version": "2025.2",
"Locations": [
{
"StartLine": 10,
"EndLine": 10
}
],
"AnalyzedBy": "pip"
},
{
"Name": "requests",
"Identifier": {
"PURL": "pkg:pypi/requests@2.32.5",
"UID": "16f1528be8f44ae0"
},
"Version": "2.32.5",
"Locations": [
{
"StartLine": 12,
"EndLine": 12
}
],
"AnalyzedBy": "pip"
},
{
"Name": "shapely",
"Identifier": {
"PURL": "pkg:pypi/shapely@2.1.2",
"UID": "9b5f31a0b1f94873"
},
"Version": "2.1.2",
"Locations": [
{
"StartLine": 13,
"EndLine": 13
}
],
"AnalyzedBy": "pip"
},
{
"Name": "streamlink",
"Identifier": {
"PURL": "pkg:pypi/streamlink@8.2.0",
"UID": "f5e79365459a2e00"
},
"Version": "8.2.0",
"Locations": [
{
"StartLine": 14,
"EndLine": 14
}
],
"AnalyzedBy": "pip"
},
{
"Name": "tqdm",
"Identifier": {
"PURL": "pkg:pypi/tqdm@4.67.3",
"UID": "bf9277460a15cea6"
},
"Version": "4.67.3",
"Locations": [
{
"StartLine": 15,
"EndLine": 15
}
],
"AnalyzedBy": "pip"
},
{
"Name": "yt-dlp",
"Identifier": {
"PURL": "pkg:pypi/yt-dlp@2026.2.4",
"UID": "c064f7517123b36"
},
"Version": "2026.2.4",
"Locations": [
{
"StartLine": 16,
"EndLine": 16
}
],
"AnalyzedBy": "pip"
},
{
"Name": "zstandard",
"Identifier": {
"PURL": "pkg:pypi/zstandard@0.25.0",
"UID": "63fbceee8bb24ab"
},
"Version": "0.25.0",
"Locations": [
{
"StartLine": 17,
"EndLine": 17
}
],
"AnalyzedBy": "pip"
}
]
},
{
"Target": "Dockerfile",
"Class": "config",
"Type": "dockerfile",
"MisconfSummary": {
"Successes": 23,
"Failures": 1
},
"Misconfigurations": [
{
"Type": "Dockerfile Security Check",
"ID": "DS-0002",
"Title": "Image user should not be 'root'",
"Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.",
"Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument",
"Namespace": "builtin.dockerfile.DS002",
"Query": "data.builtin.dockerfile.DS002.deny",
"Resolution": "Add 'USER <non root user name>' line to the Dockerfile",
"Severity": "HIGH",
"PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0002",
"References": [
"https://docs.docker.com/develop/develop-images/dockerfile_best-practices/",
"https://avd.aquasec.com/misconfig/ds-0002"
],
"Status": "FAIL",
"CauseMetadata": {
"Provider": "Dockerfile",
"Service": "general"
}
}
]
}
]
}