Attestations
dhi.io/redis
8.6-alpine3.23-fips, 8.6.4-alpine3.23-fips
sha256:2ca93e5b61ca2d2fd49f206a65df8182d9dc59f851dbfb43413f6c7d98857973
Manifest digest:sha256:380ccaf542dfd2953771f54a9a226c2782af3402cf4d62cdc7023ef23ed39391
Size
24.55 MB
Last pushed
2 days ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/redis:8.6-alpine3.23-fips2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/redis:8.6-alpine3.23-fips --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/redis@sha256:03353540155cb11940756723fb0a2362c253c910b13f762e6f3048ed9f4ba649 |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/redis@sha256:46d188a19685ccfeb810f5245b137c359bd6dba2afcd90fbf8b9c6996b558c4f |
| FIPS compliance v0.1 | https://docker.com/dhi/fips/v0.1 | dhi.io/redis@sha256:383fbce9511a109bef6bd117529622317031f33485493b8885f6239e719cf404 |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/redis@sha256:cc81c63476fb76ab4b176cb4ccb5b9ffb4ddc935fbf648fb1646285f4585529e |
| STIG scan v0.1 | https://docker.com/dhi/stig/v0.1 | dhi.io/redis@sha256:75017696f3eda2186904f7fc96d547e901a955aa9bc4146183207bf245c6aa30 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/redis@sha256:cd0c49aca2449ff348283223aa9b0309d3e654b805d1560cccc4a2a5a739cb3a |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/redis@sha256:66cd2ece74485cd7171bec8b22a1a7c4ddeb110aad85d85225c77542f1ca1b9d |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/redis@sha256:42c228e3514146088fecb91b739b83b25f3c4792529ff4278f8bf26b120e4c52 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/redis@sha256:b7a8d2db25ce3cfd55f476b5f3b07b3102cb24b4513fd3cec9bdb8ca5a9c4df8 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/redis@sha256:4ec2a32bf3c784bc6799c56ef919d24a5b9903967900457d461aa97cf3b0c9cf |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/redis@sha256:403450675f7e04c9aab0d1e45012823263223d4e50ae91e1219f21ce00ee2c6e |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/redis@sha256:6af0d545c2fec1643d6bdf09bc2c4b9825e32f570b7f6e257780bee48c4f947b |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/redis@sha256:44a7b02028e3eeff6a3d0c9909b64e912cb041fbba0ab758831e2651e78dc270 |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/redis@sha256:4c5204078df862b6b18b76e26ddce4dd1665156d57428a0eb67751659fafa3bc |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/redis@sha256:7aaaefa9d128ee93110f82287ba4e1fddf215034a52945768685c5dc649beab8 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/redis@sha256:783cda0eb3c1c5340701632105ed8989bf57e9a33b16d53265b3ac70de0b0581 |