ECR repository has image scans disabled.
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | ecr |
| Provider | AWS |
| Vulnerability Type | omission |
Description
ECR repositories are configured without image scanning enabled, preventing automated detection of vulnerabilities in container images during the push process. This allows potentially insecure images to be stored and deployed without security review.
Impact
Without image scanning, vulnerabilities in container images may go unnoticed, increasing the risk of deploying software with known security flaws. Attackers could exploit these weaknesses to gain unauthorized access, compromise applications, or escalate privileges within the environment.
Resolution
Enable image scanning on the ECR repository so that images are scanned when they are pushed.
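One way to find affected repositories, as an added example that is not part of the original rule documentation: a Python check that reads the JSON produced by `aws ecr describe-repositories`, lists every repository whose `imageScanningConfiguration.scanOnPush` is not `true`, and builds the AWS CLI command that enables it. The function names, repository names and account ID are constructed for illustration.

```python
import json
import shlex

# Constructed sample, shaped like the output of `aws ecr describe-repositories`.
SAMPLE_DESCRIBE_REPOSITORIES = """
{
  "repositories": [
    {"repositoryName": "payments-api",
     "repositoryArn": "arn:aws:ecr:us-east-1:111122223333:repository/payments-api",
     "imageScanningConfiguration": {"scanOnPush": true}},
    {"repositoryName": "legacy-tools",
     "repositoryArn": "arn:aws:ecr:us-east-1:111122223333:repository/legacy-tools"},
    {"repositoryName": "batch-worker",
     "repositoryArn": "arn:aws:ecr:us-east-1:111122223333:repository/batch-worker",
     "imageScanningConfiguration": {"scanOnPush": false}}
  ]
}
"""


def repos_without_scan_on_push(describe_output):
    """Return sorted names of repositories that do not scan images on push."""
    data = json.loads(describe_output)
    flagged = []
    for repo in data.get("repositories", []):
        # A missing or null block is treated the same as scanOnPush=false.
        cfg = repo.get("imageScanningConfiguration") or {}
        if cfg.get("scanOnPush") is not True:
            flagged.append(repo["repositoryName"])
    return sorted(flagged)


def remediation_commands(repo_names):
    """Build one AWS CLI command per repository that turns scan-on-push on."""
    return [
        "aws ecr put-image-scanning-configuration "
        f"--repository-name {shlex.quote(name)} "
        "--image-scanning-configuration scanOnPush=true"
        for name in repo_names
    ]


if __name__ == "__main__":
    for command in remediation_commands(
        repos_without_scan_on_push(SAMPLE_DESCRIBE_REPOSITORIES)
    ):
        print(command)
```

To audit a real account, pass the output of `aws ecr describe-repositories --output json` to `repos_without_scan_on_push` in place of the sample.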