dhi.io/rabbitmq
4.2-debian-dev, 4.2-debian13-dev, 4.2-dev, 4.2.8-debian-dev, 4.2.8-debian13-dev, 4.2.8-dev
sha256:0e34d5920cd5f93fdc99dedf8a707d8c2db9ca2b9618f0aafe0825896f184218
Manifest digest:sha256:bc81a429fe968d7a6779a9107a752789ae706fb6d67f66d01ab11f2ccff0ef09
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/rabbitmq:4.2-debian-dev2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/rabbitmq:4.2-debian-dev --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/rabbitmq@sha256:aaf5ec05553a4bbf28e526422526c6e6dc4fbd29153a3de1ddf745c5574349db |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/rabbitmq@sha256:5ca7ebb24586670cb3327053794cf8c0d351b16aad42d0859c7731a129dfa5b9 |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/rabbitmq@sha256:3f7212d768518bdf8973159d9e77b749211670ef0793450f7e68b396cdddc8c7 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/rabbitmq@sha256:be450e97877d6e74a3bccdcf75b8faea258e7896ca2d3b9352dde0abe903e5b6 |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/rabbitmq@sha256:819e54bbef2349e17fae445e0617bc6645a06786cbfa18806e1a47c39a4bd623 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/rabbitmq@sha256:1ca0d238c8e86b16ac865feeaf08049adfa173a111b3a83c786da5182685fa29 |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/rabbitmq@sha256:0f361ade63073c5cdf3bff79de105e470e32b3c98b0cd191ddae93515eb4ed9e |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/rabbitmq@sha256:c85c720c35262e0f4925861ae66045a0eb6adbc2de51306f3b200b2a69c27c4e |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/rabbitmq@sha256:535d1b8db3300eff7c3f7377aa8dabca716742d30540a221f86f1b56999eb842 |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/rabbitmq@sha256:d9a6c9199d0ea3328637f06b2ccf7657cf1e799dcc9a3024985392e2bfede36b |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/rabbitmq@sha256:553f5c2fe1af693937c59c85662a11aa24bb32c07bd10aa7977044ee7e5a6d74 |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/rabbitmq@sha256:85a8617fd41aaae89eb6a29552c345da805074d8c38da650fa2c1a19d9cb0a80 |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/rabbitmq@sha256:42a96f5b408a4c5b8744c76741e889e04c1493514326237030c61ee75a9ad95f |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/rabbitmq@sha256:329367fa840b945cf8dc1fef3a99a3b46f8ec9a1cdb6f9a7c437e58adf8e2008 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/rabbitmq@sha256:e0cd4e4895a51feadb1494fb8dbe08ce721b127aa7c40b21d5e40a72aba6fb44 |