redis

Patched
Databases & Caching from mirror.gcr.io/library/redis
Pull Reference
ghcr.io/verity-org/library/redis
docker pull ghcr.io/verity-org/library/redis
Copa-Patched Image

Patched in-place from the upstream image using Copa . OS-level vulnerabilities are fixed without rebuilding \u2014 same layers, same behavior, fewer CVEs.

Supply Chain
Full compliance details
Signed SLSA L3 SBOM Rekor
Verify this artifact
Cosign signature
cosign verify \
  --certificate-identity-regexp "https://github.com/verity-org/verity/.github/workflows/" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  ghcr.io/verity-org/library/redis:8.6.0
Build provenance
gh attestation verify \
  oci://ghcr.io/verity-org/library/redis:8.6.0 \
  --owner verity-org

Vulnerability Scan

Found 91 vulnerabilit ies in the original image. 8 fixed by Copa. 83 remaining after patching.

7HIGH12MEDIUM71LOW1UNKNOWN

Awaiting upstream fix

No fix is available yet for these vulnerabilities.

IDPackageInstalledFixedSeverity
CVE-2026-29111libsystemd0257.9-1~deb13u1 HIGH
CVE-2025-69720libtinfo66.5+20250216-2 HIGH
CVE-2026-29111libudev1257.9-1~deb13u1 HIGH
CVE-2025-69720ncurses-base6.5+20250216-2 HIGH
CVE-2025-69720ncurses-bin6.5+20250216-2 HIGH
CVE-2026-4437libc-bin2.41-12+deb13u2 MEDIUM
CVE-2026-4438libc-bin2.41-12+deb13u2 MEDIUM
CVE-2026-4437libc62.41-12+deb13u2 MEDIUM
CVE-2026-4438libc62.41-12+deb13u2 MEDIUM
CVE-2026-4105libsystemd0257.9-1~deb13u1 MEDIUM
CVE-2026-4105libudev1257.9-1~deb13u1 MEDIUM
CVE-2026-27171zlib1g1:1.3.dfsg+really1.3.1-1+b1 MEDIUM
CVE-2011-3374apt3.0.3 LOW
TEMP-0841856-B18BAFbash5.2.37-2+b7 LOW
CVE-2022-0563bsdutils1:2.41-5 LOW
CVE-2025-14104bsdutils1:2.41-5 LOW
CVE-2026-3184bsdutils1:2.41-5 LOW
CVE-2017-18018coreutils9.7-3 LOW
CVE-2025-5278coreutils9.7-3 LOW
CVE-2011-3374libapt-pkg7.03.0.3 LOW
CVE-2022-0563libblkid12.41-5 LOW
CVE-2025-14104libblkid12.41-5 LOW
CVE-2026-3184libblkid12.41-5 LOW
CVE-2010-4756libc-bin2.41-12+deb13u2 LOW
CVE-2018-20796libc-bin2.41-12+deb13u2 LOW
CVE-2019-1010022libc-bin2.41-12+deb13u2 LOW
CVE-2019-1010023libc-bin2.41-12+deb13u2 LOW
CVE-2019-1010024libc-bin2.41-12+deb13u2 LOW
CVE-2019-1010025libc-bin2.41-12+deb13u2 LOW
CVE-2019-9192libc-bin2.41-12+deb13u2 LOW
CVE-2010-4756libc62.41-12+deb13u2 LOW
CVE-2018-20796libc62.41-12+deb13u2 LOW
CVE-2019-1010022libc62.41-12+deb13u2 LOW
CVE-2019-1010023libc62.41-12+deb13u2 LOW
CVE-2019-1010024libc62.41-12+deb13u2 LOW
CVE-2019-1010025libc62.41-12+deb13u2 LOW
CVE-2019-9192libc62.41-12+deb13u2 LOW
CVE-2022-0563liblastlog2-22.41-5 LOW
CVE-2025-14104liblastlog2-22.41-5 LOW
CVE-2026-3184liblastlog2-22.41-5 LOW
CVE-2022-0563libmount12.41-5 LOW
CVE-2025-14104libmount12.41-5 LOW
CVE-2026-3184libmount12.41-5 LOW
CVE-2022-0563libsmartcols12.41-5 LOW
CVE-2025-14104libsmartcols12.41-5 LOW
CVE-2026-3184libsmartcols12.41-5 LOW
CVE-2021-45346libsqlite3-03.46.1-7+deb13u1 LOW
CVE-2025-70873libsqlite3-03.46.1-7+deb13u1 LOW
CVE-2026-2673libssl3t643.5.4-1~deb13u2 LOW
CVE-2013-4392libsystemd0257.9-1~deb13u1 LOW
CVE-2023-31437libsystemd0257.9-1~deb13u1 LOW
CVE-2023-31438libsystemd0257.9-1~deb13u1 LOW
CVE-2023-31439libsystemd0257.9-1~deb13u1 LOW
CVE-2025-6141libtinfo66.5+20250216-2 LOW
CVE-2013-4392libudev1257.9-1~deb13u1 LOW
CVE-2023-31437libudev1257.9-1~deb13u1 LOW
CVE-2023-31438libudev1257.9-1~deb13u1 LOW
CVE-2023-31439libudev1257.9-1~deb13u1 LOW
CVE-2022-0563libuuid12.41-5 LOW
CVE-2025-14104libuuid12.41-5 LOW
CVE-2026-3184libuuid12.41-5 LOW
CVE-2022-0563login1:4.16.0-2+really2.41-5 LOW
CVE-2025-14104login1:4.16.0-2+really2.41-5 LOW
CVE-2026-3184login1:4.16.0-2+really2.41-5 LOW
CVE-2007-5686login.defs1:4.17.4-2 LOW
CVE-2024-56433login.defs1:4.17.4-2 LOW
TEMP-0628843-DBAD28login.defs1:4.17.4-2 LOW
CVE-2022-0563mount2.41-5 LOW
CVE-2025-14104mount2.41-5 LOW
CVE-2026-3184mount2.41-5 LOW
CVE-2025-6141ncurses-base6.5+20250216-2 LOW
CVE-2025-6141ncurses-bin6.5+20250216-2 LOW
CVE-2026-2673openssl-provider-legacy3.5.4-1~deb13u2 LOW
CVE-2007-5686passwd1:4.17.4-2 LOW
CVE-2024-56433passwd1:4.17.4-2 LOW
TEMP-0628843-DBAD28passwd1:4.17.4-2 LOW
CVE-2011-4116perl-base5.40.1-6 LOW
TEMP-0517018-A83CE6sysvinit-utils3.14-4 LOW
CVE-2005-2541tar1.35+dfsg-3.1 LOW
TEMP-0290435-0B57B5tar1.35+dfsg-3.1 LOW
CVE-2022-0563util-linux2.41-5 LOW
CVE-2025-14104util-linux2.41-5 LOW
CVE-2026-3184util-linux2.41-5 LOW
Source
Copa (in-place patch)
Platforms
linux/amd64, linux/arm64
Registry
ghcr.io/verity-org
Upstream
mirror.gcr.io/library/redis