TF 0040 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Multiple CMD instructions listed

| Property | Value |
|---|---|
| Language | terraform |
| Severity | high |
| Vulnerability Type | omission |

Description

The Dockerfile contains multiple CMD instructions, but only the last one will be executed at container runtime, causing earlier CMDs to be ignored and potentially leading to unexpected container behavior.

Impact

If multiple CMDs are specified, the intended application entrypoint might not run, leading to application failures, reduced reliability, or security gaps if critical startup commands are omitted. This can disrupt deployments and expose the environment to misconfiguration risks.

Resolution

A Dockerfile should have only one CMD instruction. Remove all the other CMD instructions.
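One way to check for this before a build is the following added example, which is not part of the Symbiotic rule or its implementation. It counts CMD instructions per build stage (each `FROM` starts a new stage, a generalization beyond what the page states) and assumes the default backslash escape character and no heredocs; the Dockerfile text, image tags and function names are constructed for illustration.

```python
import re

# Constructed sample: stage "build" has one CMD, the final stage has two.
SAMPLE = """\
FROM golang:1.22 AS build
RUN go build -o /app ./...
CMD ["/app", "--selftest"]

FROM alpine:3.20
COPY --from=build /app /app
# CMD ["commented", "out"]
CMD ["/app", "--migrate"]
RUN echo one \\
    && echo two
cmd ["/app", "--serve"]
"""

def logical_lines(text):
    """Yield (first_line_no, instruction), joining backslash continuations."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank and comment lines are skipped, even mid-continuation
        if start is None:
            start = no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", None
    if buf:
        yield start, buf  # file ended on a dangling continuation

def find_multiple_cmd(text):
    """Return {stage: [CMD line numbers]} for stages with more than one CMD."""
    stages, current = {}, None
    for no, instr in logical_lines(text):
        word = instr.split()[0].upper()  # instruction names are case-insensitive
        if word == "FROM":
            m = re.search(r"\sAS\s+(\S+)", instr, re.I)
            current = m.group(1) if m else f"stage-{len(stages)}"
            stages[current] = []
        elif word == "CMD" and current is not None:
            stages[current].append(no)
    return {s: nos for s, nos in stages.items() if len(nos) > 1}

if __name__ == "__main__":
    for stage, nos in find_multiple_cmd(SAMPLE).items():
        print(f"{stage}: CMD on lines {nos}; only line {nos[-1]} takes effect")
```

In the sample, the `--migrate` CMD on line 8 is silently overridden by the lowercase `cmd` on line 11, which is the omission the rule describes.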