Elasticsearch

dhi.io/elasticsearch

Elasticsearch 8.19.x

CIS
linux/amd64
debian 13
Tags:

8, 8-debian, 8-debian13, 8.19, 8.19-debian, 8.19-debian13, 8.19.18, 8.19.18-debian, 8.19.18-debian13

Index digest:

sha256:1610dc5c45de068d75cf8ad7b4a76742362803adeec5859d3f76d1f312f42396

Manifest digest:

sha256:094aed366866b9d51a7a13fb3f951a74d2ac6b18c57d15d9b97f3395235ff831

Size

568.30 MB

Last pushed

3 days ago

Vulnerabilities

0
0
2
1
0

Support

Active until Jul 2027

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/elasticsearch:8

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/elasticsearch:8 --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/elasticsearch@sha256:a81872586dc21924296d9b2647f70cb5635cc7a00d559cfa767acde40fb20bfd
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/elasticsearch@sha256:03e9e88c6b39411db5256561e006d8898fc6fe390561ffb41aa1d357eeabe66c
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/elasticsearch@sha256:45c4c25fba59738099b8d567f47b62e82a170a9f05093afd11fa1fabd0c38bec
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/elasticsearch@sha256:260881518777d71828ea95e52a6ca3257bd0d2c5482f24ac6614160b5528c254
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/elasticsearch@sha256:365560b6a430278a72bc3c4db7c7b4b3f4805c8ddf9deeae3fb87143b33ed3ad
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/elasticsearch@sha256:8abf1f797dad0d8f7ec41c0510c3754466d6b175977b5fb564462890d9023d3d
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/elasticsearch@sha256:7056cc6e9e26ebc44c3986bbf435a942033160a441123e079e536df2a8fd5df8
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/elasticsearch@sha256:3b98fd06a14934a2ace7fca4998a177a9c8f5958666a74e0b0836c6cf7d55ed5
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/elasticsearch@sha256:c28c98f5f2898b77f88383985e400778cfeffe82e60f34a166fca6376fe3d401
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/elasticsearch@sha256:ea9ddef7aaaddc076687962e1c145d805e9639d56dca921b66c03151e45ba139
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/elasticsearch@sha256:3afd6a9d951c2f21d5205c1cdc0b68884fecbe820c49c1f0d311e5bfadfe1afd
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/elasticsearch@sha256:8a7626e03b69fa9e5c889d75d9649ddb3658fbaa637f072fdb526d8b18db74b9
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/elasticsearch@sha256:21619af96650b8e3ca2791e4efee0f2c66ed9c0b5c770d609b046d01ec147c8f
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/elasticsearch@sha256:0bafdf71d1e445a4a425aa3826013b7d2b48e41aee983e96c9144e48908418b4
SPDX SBOMhttps://spdx.dev/Documentdhi.io/elasticsearch@sha256:620c4e1d326f9a15120689471d49953370ebc809d717054b866cbb4431c0db35