OpenSearch Dashboards

dhi.io/opensearch-dashboards

OpenSearch Dashboards 3.x

CIS
linux/amd64
debian 13
Tags:

3, 3-debian, 3-debian13, 3.7, 3.7-debian, 3.7-debian13, 3.7.0, 3.7.0-debian, 3.7.0-debian13

Index digest:

sha256:dfd4480966be136fb98041523fb449ff6752fb215b69f8df6c6db3c50443527f

Manifest digest:

sha256:66faf10eb1e324b4854780ca974381caa802b0feeb85692c520415ab3bbe69ea

Size

305.28 MB

Last pushed

6 hours ago

Vulnerabilities

0
2
8
1
0

Support

Active

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/opensearch-dashboards:3

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/opensearch-dashboards:3 --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/opensearch-dashboards@sha256:cacacdb7a298cb6a3ac91c13c49d0c4e0500f8aba50e25884082f384b170c66d
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/opensearch-dashboards@sha256:97f75f2437cf07a5a3ee79a3bf753db40fca0ad4b5e206ea6c3dc8e0e69de56b
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/opensearch-dashboards@sha256:4133d8a59871e6ffafd6ea93a14d85812d266165629d3fc39abbf8e10fc08f58
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/opensearch-dashboards@sha256:229faab4968b3faf397b6eebd9f042403f59e8e38d3df761bc36ddcf49abd610
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/opensearch-dashboards@sha256:0f8355841476196bf600a368e1d20fef9ffe4f781f7c7319e91c43994192e510
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/opensearch-dashboards@sha256:37f1fafb5b250462cb5ada79f0db51a6f9bb16afadd846228a82b344f45eb142
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/opensearch-dashboards@sha256:4b6e14afd3da5a1dd6a05a985e6d7eb7420c568b7f6340b74b40461b492cfa46
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/opensearch-dashboards@sha256:b918ce587034dd3a17d6293d2513fa1c5193e1d047c03480d4f4bf59dd1fee69
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/opensearch-dashboards@sha256:5c8deb43f87a7e8916d4584783a6aac328148e48aa188de8bc404c66a092dd42
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/opensearch-dashboards@sha256:6ab1b1fc7b6af51b6c48210fe90f8bbeb748c72de1f870b1b936d67fba8aad92
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/opensearch-dashboards@sha256:41b643ddca2b9e0372714116c724a6a7fd46569b929f501f6e2c1d0709a913b3
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/opensearch-dashboards@sha256:339f1de94143924ac3e6f5c1fd5ecd1303ee953b74af63f905cb9bda1a4f5000
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/opensearch-dashboards@sha256:8060f38d0269a225fa77a9668ea8df18201b72403293a6f25faebb7167bb1138
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/opensearch-dashboards@sha256:3925c1a3b65f4257801e0455d8fd9c7fc0b210fc38733f3977b5642c0fc77c94
SPDX SBOMhttps://spdx.dev/Documentdhi.io/opensearch-dashboards@sha256:faf9f795958b8a4ea8ece4aa0b7b7baf4b00bc6a5d264be694faf817767234fc