controlplaneio/kubesec

Issues

• There is a HIGH vulnerability

  #636 opened 2 months ago by jdesouza
  0

• Message: Mounting the proc directory from the host system into a container gives access...

  #623 opened 5 months ago by sekveaja
  0

• seccomp rule documentation needs an update

  #604 opened 8 months ago by atombrella
  1

• REGRESSION: Docker command based scan doesn't work as described in README

  #591 opened 10 months ago by shristack
  0

• Return codes inconsistent with scan results

  #580 opened a year ago by huornlmj
  2

• readOnlyRootFilesystem needs a higher score than 1

  #572 opened a year ago by huornlmj
  2

• VolumeClaimAccessModeReadWriteOnce VolumeClaimRequestsStorage issued when StatefulSet has no PVCs

  #281 opened a year ago by mkmik
  1

• Update README

  #555 opened a year ago by Ayush9026
  0

• .spec.securityContext.runAsNonRoot not considered as secure configuration

  #329 opened a year ago by romansil
  2

• .spec.serviceAccountName: "default" is ok?

  #333 opened a year ago by romansil
  3

• kubesec http should permit specifying the IP to bind to

  #510 opened a year ago by hlein
  1

• Clarification on "points" and "advise", especially for RunAsNonRoot

  #504 opened a year ago by huornlmj
  0

• Docker images are built without version details

  #121 opened 4 years ago by 06kellyjac
  6

• Linux binary ist built without version details

  #250 opened a year ago by rdenchev
  4

• Version command returns "unknown"

  #337 opened a year ago by Magier
  0

• Add support for ARM container images

  #448 opened 2 years ago by voron
  4

• Intention behind scoring system

  #471 opened 2 years ago by wiswesser
  3

• The command, print-rules, does not work.

  #411 opened 2 years ago by eengelking
  2

• Support Apple Silicon M1 - "Error: does not offer installation for this platform"

  #383 opened 2 years ago by nicolas-g
  1

• Add a subcommand to print the rules

  #376 opened 2 years ago by spiarh
  0

• Add support for Pod Security Admission scanning

  #379 opened 2 years ago by spiarh
  0

• Add secrets scanning to find secrets accidentally commited to the repo

  #129 opened 2 years ago by 06kellyjac
  2

• Kubernetes Schema is outdated

  #224 opened 2 years ago by czunker
  3

• Default local schemas location doesn't exist

  #243 opened 2 years ago by fr33ky
  1

• Problem installing with `go install`

  #334 opened 2 years ago by xiazek
  1

• Possibly incorrect "spec.securityContext: Additional property seccompProfile is not allowed" error

  #315 opened 2 years ago by hasakura12
  3

• Replace kubeval with kubeconform

  #344 opened 2 years ago by olcuhu
  1

• for configmap kubesec is not working

  #339 opened 2 years ago by jainpratik163
  5

• "This resource kind is not supported by kubesec" when scanning files containing multiple seperated specs

  #287 opened 3 years ago by huornlmj
  1

• apparmor selector seems invalid for deployment type manifests

  #331 opened 2 years ago by brucelee138
  0

• Check for automountServiceAccountToken

  #263 opened 3 years ago by MrKrabat
  0

• Add `oss-fuzz`-ing

  #127 opened 4 years ago by 06kellyjac
  2

• Looking for Good first issue

  #251 opened 3 years ago by JOSHUAJEBARAJ
  1

• Scores - How are they calculated?

  #108 opened 4 years ago by poornimaram88
  1

• Version bump dependencies and fix code to match in-toto changes

  #110 opened 3 years ago by 06kellyjac
  0

• Kubernetes Admission Webhook documentation

  #218 opened 3 years ago by bygui86
  3

• allow kubesec to scan a folder

  #249 opened 3 years ago by georgettica
  1

• Ability to skip/ignore specific findings

  #223 opened 3 years ago by kevinlewis31
  4

• Scratch Dockerfile not built

  #236 opened 3 years ago by jamesocIRL
  2

• CVE-2020-29652

  #184 opened 4 years ago by tspearconquest
  2

• Only run certain CI when there are actually changes to related code

  #138 opened 4 years ago by 06kellyjac
  0

• Helm support

  #142 opened 4 years ago by andpozo
  2

• CodeQL - `git checkout HEAD^2 is no longer necessary`

  #132 opened 4 years ago by 06kellyjac
  0

• Expand on contribution requirements and details

  #130 opened 4 years ago by 06kellyjac
  0

• Add sarif output

  #128 opened 4 years ago by 06kellyjac
  0

• Add CII best practices badge

  #126 opened 4 years ago by 06kellyjac
  0

• Unable to go get

  #109 opened 4 years ago by rumstead
  6

• Custom rule exception options required for automation

  #124 opened 4 years ago by huornlmj
  3

• Empty YAML documents interpreted as "Invalid input"

  #120 opened 4 years ago by sheisnicola
  5

• Support `-` in place of `/dev/stdin` and/or fall back to stdin if no file provided

  #104 opened 4 years ago by 06kellyjac
  0