Ruby

dhi.io/ruby

Ruby 3.3.x (fips, dev)

CIS
FIPS
STIG
linux/amd64
debian 13
Tags:

3.3-debian-fips-dev, 3.3-debian13-fips-dev, 3.3-fips-dev, 3.3.11-debian-fips-dev, 3.3.11-debian13-fips-dev, 3.3.11-fips-dev

Index digest:

sha256:ddf7c45e1de4d23c0e634a4dc4d296eba716d2c08efef2e8336f0539e9614e22

Manifest digest:

sha256:8747b4990d1830393d3c8928458f99418cb138f42de3624a6b1920d93e0172de

Size

157.03 MB

Last pushed

1 day ago

Vulnerabilities

1
2
3
18
22

Support

Active until Mar 2027

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/ruby:3.3-debian-fips-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/ruby:3.3-debian-fips-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/ruby@sha256:c8d760c7f951889f2c9d416411b13fc5b0a06aba8d6acf1f1f77f200591f8d5d
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/ruby@sha256:0f7846e00f7c5c13bda66c83957bbab2cb514d1e6d920e0240948993a208af95
FIPS compliance v0.1https://docker.com/dhi/fips/v0.1dhi.io/ruby@sha256:1303037254e721d3ec5de15a6f78b9c21909b8b9c4326bf7c57fcc76bcace378
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/ruby@sha256:472469942fe908ce1132500bd37d53edc8cd56af459bc68e44895c0bd750a05b
STIG scan v0.1https://docker.com/dhi/stig/v0.1dhi.io/ruby@sha256:0dfaa6600372f8183a50c0501fcb3bb6fff89e8baa3af6802b4bed4b50542257
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/ruby@sha256:e5cd74bd2c8f2b64d47a4f02505b2f827f5a3db70cf98bf9d46cd21814a9452a
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/ruby@sha256:25bdc4f71ff04462fa0a1d1ca5d2a36845fb573c71a71df9affd0a23d369eed7
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/ruby@sha256:3c2f2556bffde7468b6902a61503d27d4b79c71f6fdb9f260cb537d3357d38df
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/ruby@sha256:40f428c7986a33910fdac51219e2e2c71adca7b68df874df8964363250ed4624
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/ruby@sha256:31cbd93f09d1f8ee307cdb4c38d76c0ccb9adef51361f7f80791a741f6c98e61
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/ruby@sha256:15836a6663eac5268df8e5334767ca5af0d590547619a8c05430949b2f9eb959
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/ruby@sha256:b485f90b001e8718884ef4d454f654b78a10f3c1d7f13e4c4e192076391d2a68
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/ruby@sha256:32112ec2a50947fc933b217212f47e82e8ba424bcb5c98128c2cdcd27ce3f515
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/ruby@sha256:060dae5fb6687ffcd2c515be16f1c9f8e83f55f97e8fdd4fa2bb276ef3466d6b
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/ruby@sha256:d0a2b6c9c6853fb14c16b964b038b46b0da90a513094e673defea0c2c260ebc8
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/ruby@sha256:4d8e7d26f8c7ea3bf46ab42f337883c3111e160d06a44c4d4de06efb4d154a9c
SPDX SBOMhttps://spdx.dev/Documentdhi.io/ruby@sha256:ece217245d3b08ce971506f68c98293432d8f4d444fd63cea129611c4ffee7ba