RabbitMQ

dhi.io/rabbitmq

RabbitMQ 4.3.x (fips)

CIS
FIPS
STIG
linux/amd64
debian 13
Tags:

4-debian-fips, 4-debian13-fips, 4-fips, 4.3-debian-fips, 4.3-debian13-fips, 4.3-fips, 4.3.2-debian-fips, 4.3.2-debian13-fips, 4.3.2-fips

Index digest:

sha256:c6088d98d2e19a112201a81195212508cf12c0c9ec77f7a6fa397c20aab32b90

Manifest digest:

sha256:c6ef98186e8c646aed91d7e799beacff993f0bd7a7cfc0d6ce4131bb315bcbdb

Size

91.32 MB

Last pushed

3 days ago

Vulnerabilities

0
0
0
0
4

Support

Ends Jul 2026

Request ELS

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/rabbitmq:4-debian-fips

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/rabbitmq:4-debian-fips --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/rabbitmq@sha256:cebb1b330e5862f50a4c61828b58f648ff75dc82946b2653280f3bde8316c998
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/rabbitmq@sha256:d423c3d01066a84cdeea1bd3583d2174b576189c89e1e8de932cb0c5f3460bae
FIPS compliance v0.1https://docker.com/dhi/fips/v0.1dhi.io/rabbitmq@sha256:8707d30036f7e310960244e8041aa95878ddd7eb3469ed5eb6de0e11a0f04220
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/rabbitmq@sha256:6d2766a496a4b7e894f414cd52e04d22616d2583068ec6abba0e8dd4dff77fbd
STIG scan v0.1https://docker.com/dhi/stig/v0.1dhi.io/rabbitmq@sha256:aed6a10548e7e707a0c14f223b84db7ec39c73bd9414dae5a309b653912f6658
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/rabbitmq@sha256:accbdcf7a4e59ab5896c9d41aa182a1343b730a62d5ba64bbe125b3b875393f4
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/rabbitmq@sha256:92ab6e95d91f85333037754a1f5f696a7bbb6527e7122494a411a5c87994785a
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/rabbitmq@sha256:ea4f5c4f3307e6d2a1cddd2739c4c2e4d2d65c88e854fd6e51c79cb7b7876569
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/rabbitmq@sha256:d7baf8e95240a93ac3cc2e97d1705ef9e7280ae12d27e59b6ff7e48bd6c39132
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/rabbitmq@sha256:0e06958a91191f3d45f88bf680e2808a84ab5609e7a676da53f8806674073780
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/rabbitmq@sha256:2abd3a0610587e61eb95268e21c062e35bb127b6ef557f2eda1266bb0df83ea0
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/rabbitmq@sha256:4c4847dbc726f3df36091ed84fd068158bba2e9199dc31851a7295fc883f05cc
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/rabbitmq@sha256:1ebbb6192cb35c48710f0afca07876910a816ec02275b6ab3855c6313117dfab
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/rabbitmq@sha256:eedf9c0d4d26a616369cfb79aeb8647e058d1a5a165a8e6181418e5033010b50
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/rabbitmq@sha256:a0cd6d8421b4a6683efac5df255eae1dfd41981c8a5efbf351648f68eeea7f7b
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/rabbitmq@sha256:bc9dec98366c03043d6e7c683c150d4c5939ece85e62b0a811dff8b4f1c9822c
SPDX SBOMhttps://spdx.dev/Documentdhi.io/rabbitmq@sha256:db0625915e7e1409d3c267ed3821864d98f7893de766d40c96872f670b67fe9b