vault-k8s

Patched

Security & Identity from mirror.gcr.io/hashicorp/vault-k8s

Pull Reference

ghcr.io/verity-org/hashicorp/vault-k8s

docker pull ghcr.io/verity-org/hashicorp/vault-k8s

Available Versions

1.7.4 latest

1.7.3 34 CVEs fixed

1.7.2 62 CVEs fixed

Copa-Patched Image

Patched in-place from the upstream image using Copa . OS-level vulnerabilities are fixed without rebuilding \u2014 same layers, same behavior, fewer CVEs.

Supply Chain

Full compliance details

Signed SLSA L3 SBOM Rekor

Verify this artifact

Cosign signature

cosign verify \
  --certificate-identity-regexp "https://github.com/verity-org/verity/.github/workflows/" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  ghcr.io/verity-org/hashicorp/vault-k8s:1.7.4

Build provenance

gh attestation verify \
  oci://ghcr.io/verity-org/hashicorp/vault-k8s:1.7.4 \
  --owner verity-org

Vulnerability Scan

No vulnerabilities detected in the latest scan.

Source

Copa (in-place patch)

Platforms

linux/amd64, linux/arm64

Registry

ghcr.io/verity-org

Upstream

mirror.gcr.io/hashicorp/vault-k8s

Version

1.7.4