github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/dockerfile/general/AVD-DS-0005/docs.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/dockerfile/general/AVD-DS-0005/docs.md (about)

     1  
     2  You should use COPY instead of ADD unless you want to extract a tar file. Note that an ADD command will extract a tar file, which adds the risk of Zip-based vulnerabilities. Accordingly, it is advised to use a COPY command, which does not extract tar files.
     3  
     4  ### Impact
     5  <!-- Add Impact here -->
     6  
     7  <!-- DO NOT CHANGE -->
     8  {{ remediationActions }}
     9  
    10  ### Links
    11  - https://docs.docker.com/engine/reference/builder/#add
    12  
    13