Information
Use the COPY instruction instead of the ADD instruction in the Dockerfile.
Rationale:
The COPY instruction only copies files from the local host machine to the container file system. The ADD instruction can also retrieve files from remote URLs and perform operations such as unpacking. ADD therefore introduces risks such as adding malicious files from URLs without scanning, and exposure to vulnerabilities in the unpacking procedure.
Solution
Use COPY instructions in Dockerfiles.
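One way to check a Dockerfile for this recommendation, shown as an added example that is not part of the original benchmark text. The names `find_add`, `logical_lines` and `SAMPLE` are hypothetical, the sample Dockerfile is constructed, and the check assumes remote sources are `http(s)` URLs and recognises archives by filename suffix only.

```python
import re

# Name-based heuristic for local archives that ADD would unpack automatically.
ARCHIVE_SUFFIXES = (".tar", ".tar.gz", ".tgz", ".tar.bz2", ".tbz2", ".tar.xz", ".txz")

def logical_lines(text):
    """Yield (first_line_number, instruction) with backslash continuations joined."""
    buf, start = "", None
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comments, also inside a continuation
        if start is None:
            start = num
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", None

def find_add(text):
    """Return (line, reason, instruction) for every ADD instruction found."""
    findings = []
    for num, instr in logical_lines(text):
        parts = instr.split()
        if parts[0].upper() != "ADD":  # instruction names are case-insensitive
            continue
        # Drop flags such as --chown=...; strip JSON-array punctuation from arguments.
        args = [p.strip('[],"') for p in parts[1:] if not p.startswith("--")]
        sources = args[:-1]  # the last argument is the destination
        if any(re.match(r"(?i)https?://", s) for s in sources):
            reason = "remote URL source"
        elif any(s.lower().endswith(ARCHIVE_SUFFIXES) for s in sources):
            reason = "local archive is auto-unpacked"
        else:
            reason = "plain local copy, use COPY"
        findings.append((num, reason, " ".join(parts)))
    return findings

# Constructed sample Dockerfile for illustration (not from the original page).
SAMPLE = """\
FROM alpine:3.19
# add tools
ADD https://example.com/tool.tar.gz /opt/
add --chown=app:app rootfs.tar.xz /
ADD config.yml \\
    /etc/app/
COPY app /app
RUN echo ADD is fine here
"""
```

Calling `find_add(SAMPLE)` reports the three ADD instructions on lines 3, 4 and 5 with the reason each one matters, and leaves the COPY and RUN lines alone.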
Impact:
You will need to handle by other means the functionality that ADD provides, such as fetching files from remote URLs.
Default Value:
Not Applicable