dhi.io/opensearch
3-debian-dev, 3-debian13-dev, 3-dev, 3.7-debian-dev, 3.7-debian13-dev, 3.7-dev, 3.7.0-debian-dev, 3.7.0-debian13-dev, 3.7.0-dev
sha256:97e51cc5ddc7009fcf217ad0110fbf68acfc4497a5d8edf85ec9bd411e1fd49e
Manifest digest:sha256:b081e266ec56cdcdaa762931204602d8a300b8edaf69e3e7caba31cc75d79829
Size
1017.20 MB
Last pushed
9 hours ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/opensearch:3-debian-dev2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/opensearch:3-debian-dev --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/opensearch@sha256:1757b99da2f33cbc911883c26ae09d69f205aeefc8c39dccb774ea4bf3985f65 |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/opensearch@sha256:09eedb18f6c3d693b2e0605bed5ab1231a6af1b563c705569c3ba798145a5d4a |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/opensearch@sha256:5f07fbef76929602c60d18837f70da1285c16480ed8a035b237ca256c5da0e87 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/opensearch@sha256:d20089882635c5c2fbcc41a4c654e38bb87f9f82f2292ddc4421409a415c3090 |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/opensearch@sha256:de8e9aaace49b142e8a7d5363672ba695559b644a5d47a2f7ffc959971147eaf |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/opensearch@sha256:f58e85976230289d5cdae260096c4cdeefff630f34a54a232cac237bdd203a84 |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/opensearch@sha256:6a97a730ff57ed4e5ca5ebbfcc1b08e88569402e0b978c31c03b80d5c0a7abe0 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/opensearch@sha256:abc6b7c504d45b9272a51b5037453352fb028c3279493d25c5161379dab39c50 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/opensearch@sha256:4f165fd90c8917ead912a66c7d0fff44752072a47bfc17752faa5f4301a65e16 |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/opensearch@sha256:d29c4e13d151b1855002efef01d0f9378ec977b79cb698b9e3d1303788448ca1 |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/opensearch@sha256:bee277c21666210f07198733e072611ea9339a74464475187ae78c08575d80e9 |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/opensearch@sha256:314d97821be7286b38d478572b46aa1dc4f9fe7460f4a896040768a768cb83ce |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/opensearch@sha256:a8a867b0bf7164c15f761fdd572f3d4234660ba4892022bf24bae81302c7f0c8 |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/opensearch@sha256:78339efc469b54d362d8bf84fdd34081a5d19855384deaaa565655bb046d57c6 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/opensearch@sha256:155994fe76bd0d3b7e9956659035a4ecbef3e9ffd4fc4f3a5e4d00988a8317fe |