RabbitMQ

dhi.io/rabbitmq

RabbitMQ 4.2.x (fips, dev)

CIS
FIPS
STIG
linux/amd64
debian 13
Tags:

4.2-debian-fips-dev, 4.2-debian13-fips-dev, 4.2-fips-dev, 4.2.8-debian-fips-dev, 4.2.8-debian13-fips-dev, 4.2.8-fips-dev

Index digest:

sha256:00aac8fdd3d606e391313e789a9865652e613cb1f0b62f9df268bf78caac7a22

Manifest digest:

sha256:4ac7cf0684baf23b1349f02a37cf8751f41310d629fa8b2124ae9ac394a62e38

Size

102.99 MB

Last pushed

3 days ago

Vulnerabilities

1
2
3
1
13

Support

Ends Jul 2026

Request ELS

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/rabbitmq:4.2-debian-fips-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/rabbitmq:4.2-debian-fips-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/rabbitmq@sha256:b38a70b25f2e1b62a41f32b153c6bda2e40dee980122d4705bf69f422e76e031
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/rabbitmq@sha256:6cae2b639c3e4e28b37c7a81688d609dffe0c5a2d3f8c5f682e355b6945cc2e1
FIPS compliance v0.1https://docker.com/dhi/fips/v0.1dhi.io/rabbitmq@sha256:a4aedefe22e1d357d2250e7f093a33c96951f23b2d4bbf6ce183a741e19cc78e
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/rabbitmq@sha256:6c6da1fdb90a42fec3ac9db958f3b9923f1a25436fb2ff61fd9c5b5ced6efde0
STIG scan v0.1https://docker.com/dhi/stig/v0.1dhi.io/rabbitmq@sha256:ad2b819dcf0ddbfc2782ef7e84b4b46401a667aceab504c82741642dad3cdd3e
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/rabbitmq@sha256:14cedaf69ee8b557e0f82ed0b5920a6155a285064ed2fd93f70e761e175fc4b5
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/rabbitmq@sha256:3c5fe52c552e5f7ede48d890410437eca596987ca15f149ff877153585e7f7d9
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/rabbitmq@sha256:96827774220038f0ff39c7ddc1f76c5c8838fa1c5778f2090352aff69e15a711
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/rabbitmq@sha256:005c85b13df20802265d0656a54b4cedd0cbe0eef4555b7ff7b3819222e17584
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/rabbitmq@sha256:2b442fb485fa7389465865ee49384859a765520a0550a41c656acbf9a7147462
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/rabbitmq@sha256:c53ddc1588bcc39ec1e16c2933dd654797f558c527f111dfbd6aefc97608420b
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/rabbitmq@sha256:a518c153b8f7dad51838a848966b5aca706eabc03fcfc4b7a023f2188d42d12e
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/rabbitmq@sha256:cf8822f3264a0947cefaca8f1f994b94bbf251230f6897235fe779fe3aa0b7fb
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/rabbitmq@sha256:37dbfdab3173b4741dc5cd0c08464df620cd949c7039ecbe9d25ee1f9b8b60f1
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/rabbitmq@sha256:82bf73d2a34de5734f559bd8c420c05e597cea1106fdf2c3d06b97b57c289d4f
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/rabbitmq@sha256:52a627bff41f1dc098be9e49e0b90b45d3efc98a6a8fa2afad93eadbeab70bf6
SPDX SBOMhttps://spdx.dev/Documentdhi.io/rabbitmq@sha256:26c98eb97a3c40a06286d35a33098efac4e432ad666df32a59276d013764ac93