Attestations
dhi.io/redis
8.6-alpine-fips, 8.6-alpine3.24-fips, 8.6.4-alpine-fips, 8.6.4-alpine3.24-fips
sha256:8902e187afe8a9d1d08748eb67e08a4887761fa1ac586f7e12580a7b481417ea
Manifest digest:sha256:fe2c188d5aa9602a6858f59fdbe64183c96bb05babcdf957dc6e86c082be885c
Size
24.56 MB
Last pushed
1 day ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/redis:8.6-alpine-fips2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/redis:8.6-alpine-fips --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/redis@sha256:9436a535e8fae129cf8face62c44556599560f49a2ddd02ce730304951b77b9f |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/redis@sha256:8c3b8bb77d62652feae2d4cf63212f154bb31e5692e8ce76c08f9ee613887faf |
| FIPS compliance v0.1 | https://docker.com/dhi/fips/v0.1 | dhi.io/redis@sha256:1c3760ec3a6b55ffb10ac5e6f5503f5c9d29430076e6a7d294d0d72e5303b668 |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/redis@sha256:926b42ec0fc843a3558c3dfbf68dfc2de089c97ca53e5b106fd2a814ba2850d8 |
| STIG scan v0.1 | https://docker.com/dhi/stig/v0.1 | dhi.io/redis@sha256:4ca020cda1e8a0f95fce25e6933a46b8acedf64d6fd5bcab4d6a0a1ac196ba60 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/redis@sha256:b6ae8db2b5873ac781380843c71f4750fab1aed55bbc9654e3e86c1a25107643 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/redis@sha256:6cbe1555ac3e25d7e8d5a9c820fa902d8c61f997eaace1ebb259cccb0d9197c9 |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/redis@sha256:cb412f113a34e9a5611a8106acd7993fbc687d2758a2de6a8d8f139f77c016a3 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/redis@sha256:680637e8c4a167981904b5f33a009a2b8e410e554861ca6709be8aa19715fe81 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/redis@sha256:8547ed652ee31878553bae894655986e29ed36f6889b7c93c2f41c2924e51b81 |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/redis@sha256:29a369763e1028a275e4edf8b52cc7ff8cb90d60b663e3477e495b61b9a2a17e |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/redis@sha256:a8d0d8cc2f45f98869f3aa07023cc071cb30e7e5166f759f14df121539ee69d7 |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/redis@sha256:bc751d844b66401269eb75149f560488ea9ec9df313c7e714c8cc34255e3d843 |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/redis@sha256:153e3f1e700cbe769090e0ce16e0cd4ca565fdbd114ed415c1b8a2776902a63c |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/redis@sha256:9825b8c39c80fcb99ab6131ab53ad91e3540c6fed5ad814e1961aefa01b5b8e6 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/redis@sha256:65046304bd89782fe85512db5c1d86e536e990a06d493c2e1b0599b5a39c82fe |