Docker Debug Enabled In Dockerfile
Description
Detects when debugging is enabled in Docker configurations, which could expose sensitive information about the container or application. Debugging modes should be disabled in production environments as they can leak internal details that attackers could exploit.
Detection Strategy
• Search Dockerfile content for configuration lines that enable debugging
• Flag any instances where debug mode is explicitly enabled
• Check for debug-related environment variables or build arguments being set
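The detection strategy above as a small Python checker; this is an added example, not Fluid Attacks' own scanner. It merges backslash continuations, parses both the `ENV KEY=value` and legacy `ENV KEY value` forms (plus `ARG` defaults), and flags any variable named `DEBUG` or ending in `_DEBUG` set to a truthy value; that naming rule, the truthy set and the sample Dockerfile are assumptions constructed for illustration.

```python
import re

# Assumption for this example: a key is debug-related when named DEBUG or
# ending in _DEBUG, and "enabled" when its value is one of these truthy tokens.
DEBUG_KEY = re.compile(r"(?:^|_)DEBUG$", re.IGNORECASE)
TRUTHY = {"1", "true", "yes", "on"}

def _logical_lines(text):
    """Yield (first_physical_line_no, text), merging backslash continuations."""
    start, buf = None, ""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        start = n if start is None else start
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        start, buf = None, ""
    if buf:
        yield start, buf

def _parse_pairs(args):
    """Parse ENV/ARG arguments: KEY=value [KEY=value ...] or legacy 'KEY value'."""
    if "=" in args.split()[0]:
        pairs = re.findall(r"""(\w+)=("[^"]*"|'[^']*'|\S*)""", args)
        return [(k, v.strip("\"'")) for k, v in pairs]
    key, _, value = args.partition(" ")
    return [(key, value.strip().strip("\"'"))]

def find_debug_flags(dockerfile_text):
    """Return (line_no, instruction, key, value) for each debug-enabling ENV/ARG."""
    findings = []
    for line_no, line in _logical_lines(dockerfile_text):
        # Comment and blank lines never match the anchored instruction regex.
        if not (m := re.match(r"(ENV|ARG)\s+(.*)", line.strip(), re.IGNORECASE)):
            continue
        for key, value in _parse_pairs(m.group(2)):
            if DEBUG_KEY.search(key) and value.lower() in TRUTHY:
                findings.append((line_no, m.group(1).upper(), key, value))
    return findings

# Constructed sample Dockerfile (not from the original page): legacy form,
# KEY=value form with a continuation, a safe ARG default, and a disabled flag.
SAMPLE_DOCKERFILE = """\
FROM python:3.12-slim
ENV APP_DEBUG true
ENV ENV=production \\
    FLASK_DEBUG=1
ARG DEBUG=0
ENV APP_DEBUG=false
"""
```

Running `find_debug_flags(SAMPLE_DOCKERFILE)` reports the legacy-form `APP_DEBUG true` on line 2 and the continued `FLASK_DEBUG=1` on line 3, while `ARG DEBUG=0` and `APP_DEBUG=false` pass.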
Vulnerable code example
# Vulnerable: enables debugging
ENV APP_DEBUG=true
# Runs /run.sh as root
CMD /run.sh
# Vulnerable: debug enabled again, alongside a production setting
ENV APP_DEBUG=true
ENV ENV=production
CMD /run.sh...
✅ Secure code example
# Use ARG for build-time variables
ARG ENV_TYPE
# Set safer defaults for production use
ENV APP_DEBUG=false
ENV ENV=production
# Use non-root user for security...