Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

AWS

Expand this section

Azure

Expand this section

Google

Expand this section

Kubernetes

Report a new vulnerability
RULE SERVICE GROUP
  • H
Container is running in privileged mode
Deployment
  • H
Container is running with Docker socket mount
Deployment
  • H
Network policy does not restrict egress destinations
Deployment
  • H
Policy allows `privileged` containers
Deployment
  • H
The built-in "cluster-admin" role is used
Deployment
  • M
Container does not drop all default capabilities
Deployment
  • M
Container is exposing SSH port
Deployment
  • M
Container is running in host's IPC namespace
Deployment
  • M
Container is running in host's network namespace
Deployment
  • M
Container is running in host's PID namespace
Deployment
  • M
Container is running with SYS_ADMIN capability
Deployment
  • M
Container is running with writable root filesystem
Deployment
  • M
Container is running without privilege escalation control
Deployment
  • M
Container is running without root user control
Deployment
  • M
Pod is running with added capabilities
Deployment
  • M
Policy allows any apparmor profile
Deployment
  • M
Policy allows insecure seccomp profiles
Deployment
  • M
Policy does not prevent use of root user
Deployment
  • M
Role with too wide permissions
Deployment
  • L
Container has no CPU limit
Deployment
  • L
Container is running with custom hosts file configuration
Deployment
  • L
Container is running with custom SELinux options
Deployment
  • L
Container is running with shared mount propagation
Deployment
  • L
Container is running without memory limit
Deployment
  • L
RoleBinding is set to the default service account
Deployment