Attestations
dhi.io/redis
8.4-debian-dev, 8.4-debian13-dev, 8.4-dev, 8.4.4-debian-dev, 8.4.4-debian13-dev, 8.4.4-dev
sha256:377cb580d365519492c273232c5ef91389253e6f206c08e06b21b27e3a0bf6ba
Manifest digest:sha256:b9f887fc02f15ae3d511862ef2faef266e16ee7cbd27ac5cca3305919e5f0d4c
Size
41.26 MB
Last pushed
4 days ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/redis:8.4-debian-dev2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/redis:8.4-debian-dev --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/redis@sha256:69ac85af0736d7df9c4a5ecc626a11c4a1ca048f6a71b77cc146551e8e17fc26 |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/redis@sha256:ae00799ec4369af8403783b6eb253ec1ff5f740ac85dec154d2223f94ed2cfa7 |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/redis@sha256:8b566c69edbcbf922155fde2b51b82cbd3aef1eb87f97f2a5ef51d38b0252167 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/redis@sha256:0ca5a91c9c60d144c7565b8b9dad5d38925b398d6a5e13b324e3a618495f5097 |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/redis@sha256:32c0eb6bf186dbe240e9075c0fb55d85e8e1dfc5827c9a500b3215160825d5b1 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/redis@sha256:84ab3a2850c0304872699ca37ddce7f4bdeb0449ce41da978d7b082c4d4850ec |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/redis@sha256:c5ec2b027d1b9835c3d29c82100f7a9ca603d2060efc45e51ec553a8f0b6d701 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/redis@sha256:25995e304d59824375e655fea5d6df6e539e4de552318cad69d7e53e8a56ef13 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/redis@sha256:4e8152efe2f98906a60a74c7d96928c1b7ac3916814fa7d061e7e255759afc89 |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/redis@sha256:2def3a6906f726b7e9e8dcfde289f1208f89662684fdb9f6c584a8bf4deb9622 |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/redis@sha256:20b0d8316f2c7b177813da1cbf6dd84a4f9271094b373f673340abce92efbbd4 |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/redis@sha256:17d2641cb31f233d5c9793eb35e117ce603141df8a2e41d627fdfdaa5d3eae5e |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/redis@sha256:5ace849520b59cd5f549fba97790e1818d1f0443548a0848de1eac9a042a365d |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/redis@sha256:18a92b789525a5686a960251b4ca1e893d5f887a6e3755b4e11a74ea31eb0bfe |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/redis@sha256:6c51dc9728406496e0773ef3122fedc693cc7cad84d6927b09420b8671e60a64 |