BETA Shoulder is in beta — Findings may sometimes be wrong. Your feedback shapes what we fix next. Share feedback
Shoulder.dev

Understand what every change actually did to your system.
🐳
Dockerfile Security
16 rules
5 CWEs 1 critical

Dockerfile Security Vulnerabilities

Shoulder detects 16 security patterns specific to Dockerfile applications built with Dockerfile.

Framework Coverage

Docker 15 rules Nodejs 2 rules

Vulnerability Categories

CWE-1104 4 rules
Use of Unmaintained Third Party Components
CWE-1395 3 rules
Dependency on Vulnerable Third-Party Component
CWE-250 2 rules
Execution with Unnecessary Privileges
CWE-693 1 rules
Protection Mechanism Failure
CWE-798 1 rules
Use of Hard-coded Credentials
1 critical
🐳

Scan your Dockerfile project

Run Shoulder CLI to find Dockerfile-specific vulnerabilities.

npx @shoulderdev/cli trust . All Dockerfile threats