Add files via upload

[cx-pedro-ferraz]

No description provided.

[cx-pedro-ferraz]

Checkmarx One – Scan Summary & Details – e0973dcb-1a70-40c8-b612-6bd857782484

---

New Issues (73)

Checkmarx found the following issues in this Pull Request

#	Severity	Issue	Source File / Package	Checkmarx Insight
1		Passwords And Secrets - Generic Password	/docker-compose.yml: 15	details Query to find passwords and secrets in infrastructure code. ID: 4SClHNfkMMdYbJ70YiOAg9TFZtM%3D
2		Passwords And Secrets - Generic Password	/docker-compose.yml: 129	details Query to find passwords and secrets in infrastructure code. ID: 8JqHIqqfbfXONsxis%2BIJJcaLws4%3D
3		Container Capabilities Unrestricted	/docker-compose.yml: 88	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: zE4U1b62%2Fez0b6jEpsqhLq7wbM0%3D
4		Container Capabilities Unrestricted	/docker-compose.yml: 122	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: 4vLRguKBMo1Rpn9TLGM16VDfArs%3D
5		Container Capabilities Unrestricted	/docker-compose.yml: 99	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: M02zOj42m1fyPEESb%2FAVUHO42V8%3D
6		Container Capabilities Unrestricted	/docker-compose.yml: 78	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: nDptW4CvmMqUZv225TNF7AO67cY%3D
7		Container Capabilities Unrestricted	/docker-compose.yml: 53	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: IaDhpj4rgKGayAPGKiYxDKjUoqc%3D
8		Container Capabilities Unrestricted	/ide.docker-compose.yml: 3	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: 5dbOME2QK8LvX8ossWoOCu95Nng%3D
9		Container Capabilities Unrestricted	/docker-compose.yml: 108	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: Q4vQDq2q1cONvy%2Bm2%2B%2BE%2BwoNd9U%3D
10		Container Capabilities Unrestricted	/docker-compose.yml: 61	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: dl%2BfDoEeAdyR3fiEi9a4Jc60FGE%3D
11		Container Capabilities Unrestricted	/docker-compose.yml: 39	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: DD%2BD6ARhbG13qYWrpL68bVZFJLc%3D
12		Container Capabilities Unrestricted	/docker-compose.yml: 116	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: jLF8ehR5hbVxK04Em6Fm%2FuuPjH8%3D
13		Container Capabilities Unrestricted	/docker-compose.yml: 134	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: ENhHqkWoTXUGsRheHSmA7hovx5k%3D
14		Container Capabilities Unrestricted	/docker-compose.yml: 3	details Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... ID: Pvw0%2FfXz2%2B6eUwf9tvswcwRl3EA%3D
15		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 56	details Incoming container traffic should be bound to a specific host interface ID: SGVzV1HFTka3TajvjMUOqQXD564%3D
16		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 125	details Incoming container traffic should be bound to a specific host interface ID: UGgIYliG18gyP0vQavxtuivNPfY%3D
17		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 64	details Incoming container traffic should be bound to a specific host interface ID: l%2Futef3Qgaxu6SIzF%2BSYiRff7t4%3D
18		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 137	details Incoming container traffic should be bound to a specific host interface ID: jwRiquB4LzB05lHbZpUmhGvbVb0%3D
19		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 102	details Incoming container traffic should be bound to a specific host interface ID: 7bAIcydz%2FoDGFP2ve6VSyvnJbOQ%3D
20		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 91	details Incoming container traffic should be bound to a specific host interface ID: 8gJjxDNzk3EZk%2FAFzs350nvT1jI%3D
21		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 119	details Incoming container traffic should be bound to a specific host interface ID: Tote8XEZOu0WEgX7YAT3F%2FVpO54%3D
22		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 6	details Incoming container traffic should be bound to a specific host interface ID: hU8Q3RqIngR3UK4D0ze2grzHgwE%3D
23		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 81	details Incoming container traffic should be bound to a specific host interface ID: cgT8SgdYVZLXYuemrb0g1Sl4NZM%3D
24		Container Traffic Not Bound To Host Interface	/docker-compose.yml: 43	details Incoming container traffic should be bound to a specific host interface ID: WLno3xbGc%2BhB36KrbSsVP%2BVuDCs%3D
25		Healthcheck Not Set	/docker-compose.yml: 134	details Check containers periodically to see if they are running properly. ID: BsmMnBAnVHqXWgXNX7%2BKFqNiIro%3D
26		Healthcheck Not Set	/docker-compose.yml: 122	details Check containers periodically to see if they are running properly. ID: 771LxyDGkzcDqKlOTIlSVfOgsTg%3D
27		Healthcheck Not Set	/docker-compose.yml: 116	details Check containers periodically to see if they are running properly. ID: nkdKW1iWRriVFJhJjgfcJ9Cm3JA%3D
28		Healthcheck Not Set	/docker-compose.yml: 88	details Check containers periodically to see if they are running properly. ID: LKxFQUOoXAuCgLpuxGZno4%2BPFm8%3D
29		Healthcheck Not Set	/docker-compose.yml: 3	details Check containers periodically to see if they are running properly. ID: 5VS7anOB9MUQnwkA%2BiRnIs%2B9gcg%3D
30		Healthcheck Not Set	/docker-compose.yml: 61	details Check containers periodically to see if they are running properly. ID: hXYE9FfCRMaSjBUg2zVXZeBXAeA%3D
31		Healthcheck Not Set	/docker-compose.yml: 108	details Check containers periodically to see if they are running properly. ID: pqzwzxtBFQPxPFI8NUxyaBN1wno%3D
32		Healthcheck Not Set	/ide.docker-compose.yml: 3	details Check containers periodically to see if they are running properly. ID: qZ9el0d7dN0IayCzOYixH2dChaQ%3D
33		Healthcheck Not Set	/docker-compose.yml: 78	details Check containers periodically to see if they are running properly. ID: e4NymOAGYt%2Fg7%2BiX%2BQni7Dh7BxA%3D
34		Healthcheck Not Set	/docker-compose.yml: 99	details Check containers periodically to see if they are running properly. ID: IMIxWSD6xu3tqKMIlQeKhSMDD6A%3D
35		Healthcheck Not Set	/docker-compose.yml: 39	details Check containers periodically to see if they are running properly. ID: lg0%2FUGsrLxUlXG5zgvBg0izfBI4%3D
36		Healthcheck Not Set	/docker-compose.yml: 53	details Check containers periodically to see if they are running properly. ID: fZwFyaLJfw1CR89R%2BoT3b5eyulY%3D
37		Memory Not Limited	/ide.docker-compose.yml: 3	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: 0%2BEtO%2FO654v3N8MnEGVoG3mccuk%3D
38		Memory Not Limited	/docker-compose.yml: 122	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: yBxk%2FlTaH0Zu4WJhG%2BJNh0rTedE%3D
39		Memory Not Limited	/docker-compose.yml: 78	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: TcCktoiLccYOF3dbLcZdVWi4BGM%3D
40		Memory Not Limited	/docker-compose.yml: 39	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: vjvRFplexbO%2F2CWpszuwItgJVNg%3D
41		Memory Not Limited	/docker-compose.yml: 53	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: %2BBAA2MnexKMlw1IUMvI8DzMMYPU%3D
42		Memory Not Limited	/docker-compose.yml: 61	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: tHSL3YTrDNgrHfzpIxSeR%2BlEZMc%3D
43		Memory Not Limited	/docker-compose.yml: 88	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: WKg9hmO%2B1JAJSkUyOS8iQ6w3%2Fl8%3D
44		Memory Not Limited	/docker-compose.yml: 108	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: gUEhiCC%2FUkAwxnu6lx99sEXcofk%3D
45		Memory Not Limited	/docker-compose.yml: 116	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: 8ufV5pIoqfMM5u1nepOQ3rtuEVY%3D
46		Memory Not Limited	/docker-compose.yml: 134	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: m%2Bv%2FZDxINbOW%2FI9BvHVDDdleeu8%3D
47		Memory Not Limited	/docker-compose.yml: 3	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: lVvDdVz6Xs6PynIp6Jx3nQMUYY4%3D
48		Memory Not Limited	/docker-compose.yml: 99	details Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than ... ID: NrefHF9L06imut0PHMbeyDGTX7I%3D
49		Privileged Ports Mapped In Container	/docker-compose.yml: 6	details Privileged ports (1 to 1023) should not be mapped. Also you should drop net_bind_service linux capability from the container unless you absolu... ID: sR6KuU4x8cmQFH5IF4uBppgCqGI%3D
50		Security Opt Not Set	/docker-compose.yml: 53	details Attribute 'security_opt' should be defined. ID: Xkaa5TjlCkeNEIJZoFMhqtRqrgc%3D
51		Security Opt Not Set	/docker-compose.yml: 3	details Attribute 'security_opt' should be defined. ID: madx8Ec86dwZZJaGDLxTAtRyGw8%3D
52		Security Opt Not Set	/docker-compose.yml: 122	details Attribute 'security_opt' should be defined. ID: lO1uuzuBjxcb7YvQMUbcR6cyzs8%3D
53		Security Opt Not Set	/docker-compose.yml: 61	details Attribute 'security_opt' should be defined. ID: 6aAHQM6ZI%2FNzwGyOKfMvQsVk6dY%3D
54		Security Opt Not Set	/docker-compose.yml: 39	details Attribute 'security_opt' should be defined. ID: kPGdlEUJ6h3RxpXAOYMgWLSKpe0%3D
55		Security Opt Not Set	/docker-compose.yml: 108	details Attribute 'security_opt' should be defined. ID: GGH%2FqFG0c4NelwAF%2FUgpIXX3cKc%3D
56		Security Opt Not Set	/docker-compose.yml: 134	details Attribute 'security_opt' should be defined. ID: y4UAlmLO7lH1BavZei7JGOxBFJU%3D
57		Security Opt Not Set	/docker-compose.yml: 78	details Attribute 'security_opt' should be defined. ID: e8ANI8XVWk4Xl4yQRxCk5J3pTds%3D
58		Security Opt Not Set	/docker-compose.yml: 116	details Attribute 'security_opt' should be defined. ID: GQyHI%2BWl9i8mf4bbwdhF1OdePEI%3D
59		Security Opt Not Set	/docker-compose.yml: 99	details Attribute 'security_opt' should be defined. ID: smPJdzbd%2BbAKwh%2F%2BMgIHFCTq9vs%3D
60		Security Opt Not Set	/ide.docker-compose.yml: 3	details Attribute 'security_opt' should be defined. ID: 7vwr0ERLCRKdWXduR5wigfrryPo%3D
61		Security Opt Not Set	/docker-compose.yml: 88	details Attribute 'security_opt' should be defined. ID: 01Jb6QwVOAAq0vM6EehaKVLvQJw%3D
62		Cpus Not Limited	/ide.docker-compose.yml: 3	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: GU6m91DhnoM4staDLmSRWdBoRA4%3D
63		Cpus Not Limited	/docker-compose.yml: 116	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: 6ZW2IPXnYINYfNyvZWpRsfJoODk%3D
64		Cpus Not Limited	/docker-compose.yml: 3	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: vYTGFntFFARWwB2fhhyJ2nsl5LA%3D
65		Cpus Not Limited	/docker-compose.yml: 99	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: AOk9a1yY285aiBfAoaehwDDqJgw%3D
66		Cpus Not Limited	/docker-compose.yml: 78	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: svk8s%2FRqDxw7NY0uTD4lgYd1M%2BU%3D
67		Cpus Not Limited	/docker-compose.yml: 108	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: zvja8rlq5pV1wJ928QdrWTlntf0%3D
68		Cpus Not Limited	/docker-compose.yml: 122	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: dYEy8p5jwI99GoP3d%2BIP07peaLs%3D
69		Cpus Not Limited	/docker-compose.yml: 61	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: yxV%2FpH2D4NXYHMWisMgvoiPiSOE%3D
70		Cpus Not Limited	/docker-compose.yml: 39	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: Vp%2BAc9qbZyBksJCcKxcWlS2XS1k%3D
71		Cpus Not Limited	/docker-compose.yml: 53	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: g7oz2bJpO2FbrD2cLJSrLz%2Bk2aU%3D
72		Cpus Not Limited	/docker-compose.yml: 134	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: 033tPjlqN%2BPpb%2F0rTNjioJr8qG0%3D
73		Cpus Not Limited	/docker-compose.yml: 88	details CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests ID: SELkXjFFf%2BgcmvTPo3qIBo67y9c%3D

---

Policy Management Violations (1)

Policy Name: BANZAI

The following violations of your team's AppSec policy rules were identified in this project. Since 'Break Build' is enabled for these rules, you must resolve these issues before the Pull Request can be merged. This is the default policy that applies to all projects in your account.

• Rule Name: New vulnerabilities of Critical and High severity levels detected
  Scanner: SAST,SCA,IaC-Security,Containers

---

Communicate with Checkmarx by submitting a PR comment with @Checkmarx followed by one of the supported commands. Learn about the supported commands here.