TF 0481 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
ECR repository has image scans disabled.
Property | Value |
---|---|
Language | |
Severity | |
Service | ecr |
Provider | AWS |
Vulnerability Type | omission |
Description
ECR repositories are configured without image scanning enabled, preventing automated detection of vulnerabilities in container images during the push process. This allows potentially insecure images to be stored and deployed without security review.
Impact
Without image scanning, vulnerabilities in container images may go unnoticed, increasing the risk of deploying software with known security flaws. Attackers could exploit these weaknesses to gain unauthorized access, compromise applications, or escalate privileges within the environment.
Resolution
Enable ECR image scanning
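
The following Terraform is an added example, not part of the original wiki entry, showing two repository definitions this rule would flag beside the corrected one. The resource labels and repository names are hypothetical.

```hcl
# Added example; resource labels and repository names are hypothetical.

# Non-compliant: no image_scanning_configuration block, so scan_on_push
# stays at its default of false and pushed images are never scanned.
resource "aws_ecr_repository" "unscanned" {
  name = "example-app-unscanned"
}

# Non-compliant: scanning is explicitly disabled.
resource "aws_ecr_repository" "scan_disabled" {
  name = "example-app-scan-disabled"

  image_scanning_configuration {
    scan_on_push = false
  }
}

# Compliant: every image is scanned when it is pushed to the repository.
resource "aws_ecr_repository" "scanned" {
  name = "example-app"

  image_scanning_configuration {
    scan_on_push = true
  }
}
```

Images pushed before the setting was enabled are not rescanned by this change, so existing tags in the repository still need a scan of their own.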