dhi.io/postgres
PostgreSQL 14.x
14-alpine3.22, 14.21-alpine3.22
sha256:6ac5bb160c8ed3134c90d71fa1da5bf82a0dd82e617552968dea611a20fd79ef
Manifest digest:sha256:01804751b23234178a050380a2ebb21c21affc06cc876ecd51de62a48b79b187
Size
90.16 MB
Last pushed
6 days ago
Vulnerabilities
Health
Overview
Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.
Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.
How to verify attestations
1. List all available attestations
docker scout attest list dhi.io/postgres:14-alpine3.222. Verify a specific attestation
For example, to verify the SLSA provenance attestation:
docker scout attest get dhi.io/postgres:14-alpine3.22 --predicate-type https://slsa.dev/provenance/v0.2 --verifyAttestations
All attestations are signed and can be verified with cosign.
| Predicate | Predicate type | Reference |
|---|---|---|
| CycloneDX SBOM v1.6 | https://cyclonedx.org/bom/v1.6 | dhi.io/postgres@sha256:6aea5f8e401f835bee6317593d420326e1e3f91e1c96b50f6fc8876e4246c008 |
| Changelog v0.1 | https://docker.com/dhi/changelog/v0.1 | dhi.io/postgres@sha256:c483c144a48950357bef55730f4da3607b0515cea10e2420264e1958d45e66df |
| DHI Image Sources v0.1 | https://docker.com/dhi/source/v0.1 | dhi.io/postgres@sha256:172115528b2f7064a639d36ec0e14d6ba51e1c318b2b79416f41223f1aa5fbb0 |
| CVEs v0.2 | https://in-toto.io/attestation/vulns/v0.2 | dhi.io/postgres@sha256:45acb03a4c038e7fc986dcb1a186385d1792fae8d2e6fc584a9132da9139092e |
| VEX v0.2.0 | https://openvex.dev/ns/v0.2.0 | dhi.io/postgres@sha256:c363457d95d455f0396416959d0c038da4aeea3ab7691759ca96945d078a8003 |
| Scout health score v0.1 | https://scout.docker.com/health/v0.1 | dhi.io/postgres@sha256:b53d609b262be7c5d514a22089309e52f460e5334afb188cd0aa6e83c49d07f6 |
| Scout provenance v0.1 | https://scout.docker.com/provenance/v0.1 | dhi.io/postgres@sha256:e463faa7701fe4732293ef8576df81a8e9fdf7bea98785adde2d53ba8864051f |
| Scout SBOM v0.1 | https://scout.docker.com/sbom/v0.1 | dhi.io/postgres@sha256:8ddc6cf9e72b98b59e3463bd255c9fd92e606288da279281d1a9f86f0b354698 |
| Secrets scan v0.1 | https://scout.docker.com/secrets/v0.1 | dhi.io/postgres@sha256:7314d1cd332e8f6314b40cac67119f1a1b1cd3436d002f64b70bf49d64983334 |
| Tests v0.1 | https://scout.docker.com/tests/v0.1 | dhi.io/postgres@sha256:e1ff2cb8bd10d8b76d1d87fda4fcf7c2f6ec15c0e5582de75c6b9d3948d269a3 |
| Virus scan v0.1 | https://scout.docker.com/virus/v0.1 | dhi.io/postgres@sha256:737e9a095b4458655c35314c2ff9239b4de53a4b00a011be5c8adb032d3ef34a |
| CVEs v0.1 | https://scout.docker.com/vulnerabilities/v0.1 | dhi.io/postgres@sha256:9856618b4bf6d148971bc62e892c01ac4df9e891391de397de6f61776685644e |
| SLSA provenance v0.2 | https://slsa.dev/provenance/v0.2 | dhi.io/postgres@sha256:b1d0458b09e97aceb8483e8e553d7c4992f711182db3743536a381d9e0900b6c |
| SLSA provenance v1 | https://slsa.dev/provenance/v1 | dhi.io/postgres@sha256:a6d9a9861f5c43b2e33a04115c766b44377587a62795873a46faa729334dcb13 |
| SLSA verification summary v1 | https://slsa.dev/verification_summary/v1 | dhi.io/postgres@sha256:ad6facba29d6550caaab03b9af7de98ed372d23a126380f0e2d1810e62615396 |
| SPDX SBOM | https://spdx.dev/Document | dhi.io/postgres@sha256:0ca064c8f2056a74f7334585523f50b086f178c21eb99c03c6661f253ba3c412 |