Critical
High
Medium
Low
Secrets
Misconfig
| Severity | CVE ID | Package | Installed | Fixed In | Description |
|---|---|---|---|---|---|
| ✅ No vulnerabilities found | |||||
| Type | File | Line | Match |
|---|---|---|---|
| ✅ No secrets found | |||
| Severity | ID | Check | File | Message |
|---|---|---|---|---|
| HIGH | DS-0002 | Image user should not be 'root' | Dockerfile | Specify at least 1 USER command in Dockerfile with non-root user as argument |
{
"SchemaVersion": 2,
"Trivy": {
"Version": "0.69.0"
},
"ReportID": "019c7a7f-df36-724a-8275-6a9fab83cb1a",
"CreatedAt": "2026-02-20T10:02:06.518153902Z",
"ArtifactID": "sha256:b3d5bd20fed5698a798bd1e663294d74f9b53126bb1dc9cc4fbf7e160368fa8b",
"ArtifactName": "/src",
"ArtifactType": "repository",
"Metadata": {
"RepoURL": "https://github.com/eizen-ai/eizen-webrtc-api-service.git",
"Branch": "features/vulnerability_fixes",
"Commit": "e9f6bf4d9eb03e39121e90123cfa45a2a9850cf0",
"CommitMsg": "Fix:Resolved the SSL protocol tls server",
"Author": "eizen-prasad <prasad.ayithireddi@eizen.ai>",
"Committer": "eizen-prasad <prasad.ayithireddi@eizen.ai>"
},
"Results": [
{
"Target": "requirements.txt",
"Class": "lang-pkgs",
"Type": "pip",
"Packages": [
{
"Name": "aiohappyeyeballs",
"Identifier": {
"PURL": "pkg:pypi/aiohappyeyeballs@2.6.1",
"UID": "f385643f862081f5"
},
"Version": "2.6.1",
"Locations": [
{
"StartLine": 1,
"EndLine": 1
}
],
"AnalyzedBy": "pip"
},
{
"Name": "aiohttp",
"Identifier": {
"PURL": "pkg:pypi/aiohttp@3.13.3",
"UID": "ebd5129c5111e5aa"
},
"Version": "3.13.3",
"Locations": [
{
"StartLine": 2,
"EndLine": 2
}
],
"AnalyzedBy": "pip"
},
{
"Name": "aiohttp-cors",
"Identifier": {
"PURL": "pkg:pypi/aiohttp-cors@0.8.1",
"UID": "806364757dfb7788"
},
"Version": "0.8.1",
"Locations": [
{
"StartLine": 3,
"EndLine": 3
}
],
"AnalyzedBy": "pip"
},
{
"Name": "aioice",
"Identifier": {
"PURL": "pkg:pypi/aioice@0.10.2",
"UID": "a47a2e1713609d61"
},
"Version": "0.10.2",
"Locations": [
{
"StartLine": 4,
"EndLine": 4
}
],
"AnalyzedBy": "pip"
},
{
"Name": "aiortc",
"Identifier": {
"PURL": "pkg:pypi/aiortc@1.14.0",
"UID": "6f84211e01c9c9c6"
},
"Version": "1.14.0",
"Locations": [
{
"StartLine": 5,
"EndLine": 5
}
],
"AnalyzedBy": "pip"
},
{
"Name": "aiosignal",
"Identifier": {
"PURL": "pkg:pypi/aiosignal@1.4.0",
"UID": "162f353cbe202bf1"
},
"Version": "1.4.0",
"Locations": [
{
"StartLine": 6,
"EndLine": 6
}
],
"AnalyzedBy": "pip"
},
{
"Name": "annotated-types",
"Identifier": {
"PURL": "pkg:pypi/annotated-types@0.7.0",
"UID": "fa8f06fd64f24cae"
},
"Version": "0.7.0",
"Locations": [
{
"StartLine": 7,
"EndLine": 7
}
],
"AnalyzedBy": "pip"
},
{
"Name": "attrs",
"Identifier": {
"PURL": "pkg:pypi/attrs@25.4.0",
"UID": "e6e32972cb212c21"
},
"Version": "25.4.0",
"Locations": [
{
"StartLine": 8,
"EndLine": 8
}
],
"AnalyzedBy": "pip"
},
{
"Name": "av",
"Identifier": {
"PURL": "pkg:pypi/av@16.1.0",
"UID": "ee355b741dfbc137"
},
"Version": "16.1.0",
"Locations": [
{
"StartLine": 9,
"EndLine": 9
}
],
"AnalyzedBy": "pip"
},
{
"Name": "certifi",
"Identifier": {
"PURL": "pkg:pypi/certifi@2026.1.4",
"UID": "7ef8b93659642203"
},
"Version": "2026.1.4",
"Locations": [
{
"StartLine": 10,
"EndLine": 10
}
],
"AnalyzedBy": "pip"
},
{
"Name": "cffi",
"Identifier": {
"PURL": "pkg:pypi/cffi@2.0.0",
"UID": "ece614302910fdc7"
},
"Version": "2.0.0",
"Locations": [
{
"StartLine": 11,
"EndLine": 11
}
],
"AnalyzedBy": "pip"
},
{
"Name": "charset-normalizer",
"Identifier": {
"PURL": "pkg:pypi/charset-normalizer@3.4.4",
"UID": "15b3d3d0a7c0aefb"
},
"Version": "3.4.4",
"Locations": [
{
"StartLine": 12,
"EndLine": 12
}
],
"AnalyzedBy": "pip"
},
{
"Name": "cryptography",
"Identifier": {
"PURL": "pkg:pypi/cryptography@46.0.5",
"UID": "7c6f34cdab9df1d2"
},
"Version": "46.0.5",
"Locations": [
{
"StartLine": 13,
"EndLine": 13
}
],
"AnalyzedBy": "pip"
},
{
"Name": "dnspython",
"Identifier": {
"PURL": "pkg:pypi/dnspython@2.8.0",
"UID": "327015bfc7c1e351"
},
"Version": "2.8.0",
"Locations": [
{
"StartLine": 14,
"EndLine": 14
}
],
"AnalyzedBy": "pip"
},
{
"Name": "frozenlist",
"Identifier": {
"PURL": "pkg:pypi/frozenlist@1.8.0",
"UID": "7c9c577403c8f9d5"
},
"Version": "1.8.0",
"Locations": [
{
"StartLine": 15,
"EndLine": 15
}
],
"AnalyzedBy": "pip"
},
{
"Name": "google-crc32c",
"Identifier": {
"PURL": "pkg:pypi/google-crc32c@1.8.0",
"UID": "e3d17b8f3b496d41"
},
"Version": "1.8.0",
"Locations": [
{
"StartLine": 16,
"EndLine": 16
}
],
"AnalyzedBy": "pip"
},
{
"Name": "idna",
"Identifier": {
"PURL": "pkg:pypi/idna@3.11",
"UID": "1c6849beadeb3b1c"
},
"Version": "3.11",
"Locations": [
{
"StartLine": 17,
"EndLine": 17
}
],
"AnalyzedBy": "pip"
},
{
"Name": "ifaddr",
"Identifier": {
"PURL": "pkg:pypi/ifaddr@0.2.0",
"UID": "f2958d2884cf6e00"
},
"Version": "0.2.0",
"Locations": [
{
"StartLine": 18,
"EndLine": 18
}
],
"AnalyzedBy": "pip"
},
{
"Name": "kafka-python",
"Identifier": {
"PURL": "pkg:pypi/kafka-python@2.3.0",
"UID": "23c2ed7a19b18139"
},
"Version": "2.3.0",
"Locations": [
{
"StartLine": 19,
"EndLine": 19
}
],
"AnalyzedBy": "pip"
},
{
"Name": "loguru",
"Identifier": {
"PURL": "pkg:pypi/loguru@0.7.3",
"UID": "ddf8dd3445d1ba4b"
},
"Version": "0.7.3",
"Locations": [
{
"StartLine": 20,
"EndLine": 20
}
],
"AnalyzedBy": "pip"
},
{
"Name": "multidict",
"Identifier": {
"PURL": "pkg:pypi/multidict@6.7.1",
"UID": "e8a78e66e5cd795b"
},
"Version": "6.7.1",
"Locations": [
{
"StartLine": 21,
"EndLine": 21
}
],
"AnalyzedBy": "pip"
},
{
"Name": "numpy",
"Identifier": {
"PURL": "pkg:pypi/numpy@2.4.2",
"UID": "96f781551a6baad5"
},
"Version": "2.4.2",
"Locations": [
{
"StartLine": 22,
"EndLine": 22
}
],
"AnalyzedBy": "pip"
},
{
"Name": "opencv-python",
"Identifier": {
"PURL": "pkg:pypi/opencv-python@4.13.0.92",
"UID": "8b242b5a7964d1c7"
},
"Version": "4.13.0.92",
"Locations": [
{
"StartLine": 23,
"EndLine": 23
}
],
"AnalyzedBy": "pip"
},
{
"Name": "propcache",
"Identifier": {
"PURL": "pkg:pypi/propcache@0.4.1",
"UID": "75a211abc7f069d0"
},
"Version": "0.4.1",
"Locations": [
{
"StartLine": 24,
"EndLine": 24
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pyOpenSSL",
"Identifier": {
"PURL": "pkg:pypi/pyopenssl@25.3.0",
"UID": "9f1b3b8f765aeb09"
},
"Version": "25.3.0",
"Locations": [
{
"StartLine": 31,
"EndLine": 31
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pycparser",
"Identifier": {
"PURL": "pkg:pypi/pycparser@3.0",
"UID": "59c8172853645c25"
},
"Version": "3.0",
"Locations": [
{
"StartLine": 25,
"EndLine": 25
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pydantic",
"Identifier": {
"PURL": "pkg:pypi/pydantic@2.12.5",
"UID": "d7a1ff973cfd86db"
},
"Version": "2.12.5",
"Locations": [
{
"StartLine": 26,
"EndLine": 26
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pydantic-settings",
"Identifier": {
"PURL": "pkg:pypi/pydantic-settings@2.13.0",
"UID": "d18ab12a1525f71b"
},
"Version": "2.13.0",
"Locations": [
{
"StartLine": 27,
"EndLine": 27
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pydantic_core",
"Identifier": {
"PURL": "pkg:pypi/pydantic-core@2.41.5",
"UID": "726bcc4fdcb0feeb"
},
"Version": "2.41.5",
"Locations": [
{
"StartLine": 28,
"EndLine": 28
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pyee",
"Identifier": {
"PURL": "pkg:pypi/pyee@13.0.1",
"UID": "ea2ced15a2527f72"
},
"Version": "13.0.1",
"Locations": [
{
"StartLine": 29,
"EndLine": 29
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pylibsrtp",
"Identifier": {
"PURL": "pkg:pypi/pylibsrtp@1.0.0",
"UID": "24ffa3171f814ec8"
},
"Version": "1.0.0",
"Locations": [
{
"StartLine": 30,
"EndLine": 30
}
],
"AnalyzedBy": "pip"
},
{
"Name": "python-dotenv",
"Identifier": {
"PURL": "pkg:pypi/python-dotenv@1.2.1",
"UID": "aa47273ad19c05e7"
},
"Version": "1.2.1",
"Locations": [
{
"StartLine": 32,
"EndLine": 32
}
],
"AnalyzedBy": "pip"
},
{
"Name": "pytz",
"Identifier": {
"PURL": "pkg:pypi/pytz@2025.2",
"UID": "9caec34c73b710f2"
},
"Version": "2025.2",
"Locations": [
{
"StartLine": 33,
"EndLine": 33
}
],
"AnalyzedBy": "pip"
},
{
"Name": "redis",
"Identifier": {
"PURL": "pkg:pypi/redis@7.2.0",
"UID": "7e4ff5d6286ed600"
},
"Version": "7.2.0",
"Locations": [
{
"StartLine": 34,
"EndLine": 34
}
],
"AnalyzedBy": "pip"
},
{
"Name": "requests",
"Identifier": {
"PURL": "pkg:pypi/requests@2.32.5",
"UID": "f9129466385e38ee"
},
"Version": "2.32.5",
"Locations": [
{
"StartLine": 35,
"EndLine": 35
}
],
"AnalyzedBy": "pip"
},
{
"Name": "typing-inspection",
"Identifier": {
"PURL": "pkg:pypi/typing-inspection@0.4.2",
"UID": "87af99b3bd95c941"
},
"Version": "0.4.2",
"Locations": [
{
"StartLine": 36,
"EndLine": 36
}
],
"AnalyzedBy": "pip"
},
{
"Name": "typing_extensions",
"Identifier": {
"PURL": "pkg:pypi/typing-extensions@4.15.0",
"UID": "d8eeb7baa8b8b748"
},
"Version": "4.15.0",
"Locations": [
{
"StartLine": 37,
"EndLine": 37
}
],
"AnalyzedBy": "pip"
},
{
"Name": "urllib3",
"Identifier": {
"PURL": "pkg:pypi/urllib3@2.6.3",
"UID": "14f9a35ab94cf022"
},
"Version": "2.6.3",
"Locations": [
{
"StartLine": 38,
"EndLine": 38
}
],
"AnalyzedBy": "pip"
},
{
"Name": "yarl",
"Identifier": {
"PURL": "pkg:pypi/yarl@1.22.0",
"UID": "157f0ed614e9de07"
},
"Version": "1.22.0",
"Locations": [
{
"StartLine": 39,
"EndLine": 39
}
],
"AnalyzedBy": "pip"
},
{
"Name": "zstandard",
"Identifier": {
"PURL": "pkg:pypi/zstandard@0.25.0",
"UID": "bc2e94c22ce697bb"
},
"Version": "0.25.0",
"Locations": [
{
"StartLine": 40,
"EndLine": 40
}
],
"AnalyzedBy": "pip"
}
]
},
{
"Target": "Dockerfile",
"Class": "config",
"Type": "dockerfile",
"MisconfSummary": {
"Successes": 23,
"Failures": 1
},
"Misconfigurations": [
{
"Type": "Dockerfile Security Check",
"ID": "DS-0002",
"Title": "Image user should not be 'root'",
"Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.",
"Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument",
"Namespace": "builtin.dockerfile.DS002",
"Query": "data.builtin.dockerfile.DS002.deny",
"Resolution": "Add 'USER <non root user name>' line to the Dockerfile",
"Severity": "HIGH",
"PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0002",
"References": [
"https://docs.docker.com/develop/develop-images/dockerfile_best-practices/",
"https://avd.aquasec.com/misconfig/ds-0002"
],
"Status": "FAIL",
"CauseMetadata": {
"Provider": "Dockerfile",
"Service": "general"
}
}
]
}
]
}