apt-get’ missing ‘-y’ to avoid manual input
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Vulnerability Type | omission |
Description#
The code runs ‘apt-get install’ commands without the ‘-y’ flag, which can cause package installations to pause for manual confirmation. This makes automated builds or deployments unreliable and susceptible to hanging during execution.
Impact#
If exploited or simply left unaddressed, this issue can halt automated deployment pipelines, leading to failed builds, incomplete updates, or prolonged downtime. Attackers could potentially exploit stalled processes to disrupt services or interfere with the application’s deployment workflow.
Resolution#
Add ‘-y’ flag to ‘apt-get