RabbitMQ

dhi.io/rabbitmq

RabbitMQ 4.2.x (dev)

CIS
linux/amd64
debian 13
Tags:

4.2-debian-dev, 4.2-debian13-dev, 4.2-dev, 4.2.8-debian-dev, 4.2.8-debian13-dev, 4.2.8-dev

Index digest:

sha256:0e34d5920cd5f93fdc99dedf8a707d8c2db9ca2b9618f0aafe0825896f184218

Manifest digest:

sha256:bc81a429fe968d7a6779a9107a752789ae706fb6d67f66d01ab11f2ccff0ef09

Size

99.40 MB

Last pushed

3 days ago

Vulnerabilities

1
2
3
1
9

Support

Ends Jul 2026

Request ELS

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/rabbitmq:4.2-debian-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/rabbitmq:4.2-debian-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/rabbitmq@sha256:aaf5ec05553a4bbf28e526422526c6e6dc4fbd29153a3de1ddf745c5574349db
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/rabbitmq@sha256:5ca7ebb24586670cb3327053794cf8c0d351b16aad42d0859c7731a129dfa5b9
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/rabbitmq@sha256:3f7212d768518bdf8973159d9e77b749211670ef0793450f7e68b396cdddc8c7
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/rabbitmq@sha256:be450e97877d6e74a3bccdcf75b8faea258e7896ca2d3b9352dde0abe903e5b6
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/rabbitmq@sha256:819e54bbef2349e17fae445e0617bc6645a06786cbfa18806e1a47c39a4bd623
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/rabbitmq@sha256:1ca0d238c8e86b16ac865feeaf08049adfa173a111b3a83c786da5182685fa29
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/rabbitmq@sha256:0f361ade63073c5cdf3bff79de105e470e32b3c98b0cd191ddae93515eb4ed9e
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/rabbitmq@sha256:c85c720c35262e0f4925861ae66045a0eb6adbc2de51306f3b200b2a69c27c4e
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/rabbitmq@sha256:535d1b8db3300eff7c3f7377aa8dabca716742d30540a221f86f1b56999eb842
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/rabbitmq@sha256:d9a6c9199d0ea3328637f06b2ccf7657cf1e799dcc9a3024985392e2bfede36b
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/rabbitmq@sha256:553f5c2fe1af693937c59c85662a11aa24bb32c07bd10aa7977044ee7e5a6d74
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/rabbitmq@sha256:85a8617fd41aaae89eb6a29552c345da805074d8c38da650fa2c1a19d9cb0a80
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/rabbitmq@sha256:42a96f5b408a4c5b8744c76741e889e04c1493514326237030c61ee75a9ad95f
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/rabbitmq@sha256:329367fa840b945cf8dc1fef3a99a3b46f8ec9a1cdb6f9a7c437e58adf8e2008
SPDX SBOMhttps://spdx.dev/Documentdhi.io/rabbitmq@sha256:e0cd4e4895a51feadb1494fb8dbe08ce721b127aa7c40b21d5e40a72aba6fb44