Elasticsearch

dhi.io/elasticsearch

Elasticsearch 8.19.x (fips)

CIS
FIPS
STIG
linux/amd64
debian 13
Tags:

8-debian-fips, 8-debian13-fips, 8-fips, 8.19-debian-fips, 8.19-debian13-fips, 8.19-fips, 8.19.18-debian-fips, 8.19.18-debian13-fips, 8.19.18-fips

Index digest:

sha256:674da3ba0cecc48975f9f397527228c201ececf708459a98f9b26350c78f6e6a

Manifest digest:

sha256:1baf0795cff89c4ead5cc5db7552aa7b0db483f61de64f3990f42b44c449f608

Size

578.75 MB

Last pushed

3 days ago

Vulnerabilities

0
0
2
1
0

Support

Active until Jul 2027

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/elasticsearch:8-debian-fips

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/elasticsearch:8-debian-fips --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/elasticsearch@sha256:61b526f7318abf875ae8a01a21fff9cf5a9ebb6ea9e08bd88940716bd0f1b74a
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/elasticsearch@sha256:314175af1daf446d0dc8de124bf8b55a5eac5c9bc962ed8204fd6a823787452a
FIPS compliance v0.1https://docker.com/dhi/fips/v0.1dhi.io/elasticsearch@sha256:467d1ac4d1c69893d64324ff0aa9a2d72414f4bde2210ada2b514091b74216db
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/elasticsearch@sha256:6e570944bca885116a346298e4e2073565de6f6b34e56f7ecf35ebf70f031da3
STIG scan v0.1https://docker.com/dhi/stig/v0.1dhi.io/elasticsearch@sha256:f035910f1609c5d249f9deb61ce34cb2d58e96b6d986416b3428b281606b6038
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/elasticsearch@sha256:b49b03c1669371626244a04736162583c490ffe95a8512b61c8454c14e4f6e40
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/elasticsearch@sha256:020ef9a90f2dcf8b6d2954354e83276e02e904d0a0dd53f311d4bcff8d68ba00
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/elasticsearch@sha256:1e6ee5929b4077a8887b84df4ee626bb91fe71591af8fbb601d22c26230f04cd
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/elasticsearch@sha256:d44f3fcea4aeebb6c69bc8183a3882a51b33f4d3461138c6eb033c76f3220fa0
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/elasticsearch@sha256:2fdddb0d052da5714e7ace82eb9a814678ccaf134756edf71a7c2cfc552d0749
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/elasticsearch@sha256:72d3b4fa69a39eda1c28b339ceae63747d3b856a975fa89654f88ede048a08ff
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/elasticsearch@sha256:14ed31496fdc1617b07249bfa8f37e085e2b6f918ffa60aa749c706abd2af484
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/elasticsearch@sha256:f094e6ae6e731186df09814e05ea895a401d7b796fcaa8d3e48efca4933a422a
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/elasticsearch@sha256:cd6ae8223281baa3258af60e3fe183ee8f888613a547559f7b9982934d9641e0
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/elasticsearch@sha256:323204c7d0b9ae5f7e7733867b9595adfc61fd3d063dd33ae62b9bff83d24ebc
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/elasticsearch@sha256:d169869310140c6afd63fe14825ba01b96e18f152fee89adb19192a796c9ed4f
SPDX SBOMhttps://spdx.dev/Documentdhi.io/elasticsearch@sha256:8b173f7ef2acf1680730f0831c7f5bfea09851d836b6a52fc71cafa394bd632f