Attestations
dhi.io/redis
8-debian-dev, 8-debian13-dev, 8-dev, 8.8-debian-dev, 8.8-debian13-dev, 8.8-dev, 8.8.0-debian-dev, 8.8.0-debian13-dev, 8.8.0-dev
sha256:52688a591316a88de7880f3d865a95898f665f6612d847c230cd9b44be7ecbc0
Manifest digest:sha256:8eecb255da050bad52858533b805f9924180543a1db8852e65d4e6b688bf7797
Size
42.38 MB
Last pushed
3 days ago
Vulnerabilities
Support
Active
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
1. List all available attestations
docker scout attest list dhi.io/redis:8-debian-dev2. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/redis:8-debian-dev --predicate-type https://slsa.dev/provenance/v0.2 --verifyAll attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/redis@sha256:74382e464bf8e09cb1f415e50dbf26ca5b2319af9cf7a7141d98177194267a64 |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/redis@sha256:29b3946a95b077ea188d5da0d0d6e3c2b14684fd1e1fb026b46ef662bb51e816 |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/redis@sha256:8f2244291672f08c0c94a06eb8797fcdfc9d3b5689e2fac1b53390c84292336c |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/redis@sha256:cf783001d1441bdaa17b1704f30d07e5d5a2a6156dbf54211fb7e7e896752f77 |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/redis@sha256:190cc9bd36f905a984f4e6a74400d72581c4f64fa75e1a025d138109d757f004 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/redis@sha256:9b772dba319917949de66f95991972f4aa40b293a3dc6cc59dc57fda8d85ee18 |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/redis@sha256:e584e8d06cc5f899fecdd82a9842b2cee4bd06d032ace7a80cefb3d4966d7598 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/redis@sha256:efa864860fb6eda869f91c443b3711168dad2784ed41e5da4e380a2ba16dffb7 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/redis@sha256:e677bf90bd5d752907286a5177d4871975b3e5837aedbaf290a369f5dfc9c6e2 |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/redis@sha256:440805be0cccbc1dec428d07cca81bfd21074897f84a34fb159b295c46556b2a |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/redis@sha256:3c8c084e71c002266ccb1669788f18dd6e366c78a47bd37f4318125961cdc7c5 |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/redis@sha256:e2e7bb213b6ad835e1ff8bd0ecc6e23d1b98a7f8b6f64f352b5c490e1ec67edf |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/redis@sha256:503c9cf41143a587330fca2f5b803e485a734ff4f31d84b3d7a347e2a2121f30 |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/redis@sha256:1618d50d98eb133993e605fa3fc742904abbe2c15d29040baeb0f2040708b96c |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/redis@sha256:cd21bf3ce9b3b1e4f4ba0d3e17bed2e34f6cf5b14999aa483ac2bcb37130d006 |