prometheus-es-exporter

Patched

Monitoring & Observability from quay.io/prometheuscommunity/elasticsearch-exporter

Pull Reference

ghcr.io/verity-org/prometheuscommunity/elasticsearch-exporter

docker pull ghcr.io/verity-org/prometheuscommunity/elasticsearch-exporter

Available Versions

v1.10.0 latest 13 CVEs fixed

v1.9.0 46 CVEs fixed

v1.8.0 50 CVEs fixed

Copa-Patched Image

Patched in-place from the upstream image using Copa . OS-level vulnerabilities are fixed without rebuilding \u2014 same layers, same behavior, fewer CVEs.

Supply Chain

Full compliance details

Signed SLSA L3 SBOM Rekor

Verify this artifact

Cosign signature

cosign verify \
  --certificate-identity-regexp "https://github.com/verity-org/verity/.github/workflows/" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  ghcr.io/verity-org/prometheuscommunity/elasticsearch-exporter:v1.10.0

Build provenance

gh attestation verify \
  oci://ghcr.io/verity-org/prometheuscommunity/elasticsearch-exporter:v1.10.0 \
  --owner verity-org

Vulnerability Scan

Found 13 vulnerabilit ies in the original image. 13 fixed by Copa.

1CRITICAL3HIGH5MEDIUM1LOW3UNKNOWN

Source

Copa (in-place patch)

Platforms

linux/amd64, linux/arm64

Registry

ghcr.io/verity-org

Upstream

quay.io/prometheuscommunity/elasticsearch-exporter

Version

v1.10.0