TF 0379 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
apt-get' missing '-y' to avoid manual input
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Vulnerability Type | omission |
Description
The code runs 'apt-get install' commands without the '-y' flag, which can cause package installations to pause for manual confirmation. This makes automated builds or deployments unreliable and susceptible to hanging during execution.
Impact
If exploited or simply left unaddressed, this issue can halt automated deployment pipelines, leading to failed builds, incomplete updates, or prolonged downtime. Attackers could potentially exploit stalled processes to disrupt services or interfere with the application's deployment workflow.
Resolution
Add '-y' flag to 'apt-get