apt-get dist-upgrade’ used
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Vulnerability Type | omission |
Description#
Using ‘apt-get dist-upgrade’ in a Dockerfile can upgrade core system components and major OS versions, leading to inconsistent and unpredictable container builds. This practice undermines image stability and reproducibility by introducing uncontrolled changes.
Impact#
If exploited, this vulnerability can result in containers running untested or incompatible software versions, increasing the risk of breakage or the introduction of vulnerabilities. It may also lead to unexpected behavior, security regressions, or system instability within deployed containers.
Resolution#
Just use different image