# Docker Base Image Security

- ID: docker-base-image-security
- Severity: MEDIUM
- CWE: CWE-1104 (CWE-1104)
- Languages: Dockerfile
- Frameworks: docker

## Description

Detects base images using "latest" tag or missing version tags.

## Detection Message

Dockerfile uses {issue_type}: {image_reference}

## Remediation

Use specific version tags for base images.

```dockerfile
FROM node:24-alpine
```

Learn more: https://shoulder.dev/learn/docker/cwe-1104/base-image-security

## Documentation

[object Object]

## Related Rules

- **Use npm ci for Reproducible Builds** [LOW]: 
- **Dockerfile Uses Outdated Node.js Version** [MEDIUM]: 
- **.nvmrc Specifies Outdated Node.js Version** [MEDIUM]: 
- **Node.js Version Mismatch Between Configuration Files** [MEDIUM]: