cosign

Utils

docker pull reg.mini.dev/cosign

Utils

Updated on June 14

docker pull reg.mini.dev/cosign

Risk Reduction

Understand the security benefits of the Minimus image by comparing its vulnerability profile and size to the public image.

Security Posture

Understand how Minimus vulnerability mitigations and compliance configurations secure this image.

90% CIS Docker compliance 80% NIST compliance Need a FIPS validated version?Go to cosign-fips

Vulnerabilities Comparison

Unique CVE count. Some vulnerabilities may impact multiple packages.

Minimus Image

reg.mini.dev/cosign:latest

vs.

Public Image

gcr.io/projectsigstore/cosign

Detailed Vulnerability Comparison

Daily report prepared June 23, 2026 at 5:34 AM

Minimus image (0)Public image (7)

0 Vulnerabilities

100% reduction

Size Comparison (MB)

Compressed image sizes for amd64.

Package Count & Risk Comparison

Minimus Image

9 total packages

9 combined OS and application packages

Public Image

259 total packages

254 packages in additional layers

5 packages in base layer

Color indicates highest severity impacting the package:

critical

high

medium

low

unknown

none

Scale: 1 square = 1 package

Detailed Package Comparison

Report prepared June 23, 2026 at 5:34 AM

Minimus image (9)Public image (259)

Package	version	type
go.opentelemetry.io/otel/trace	v1.44.0	go-module
gopkg.in/evanphx/json-patch.v4	v4.13.0	go-module
gopkg.in/inf.v0	v0.9.1	go-module
gopkg.in/ini.v1	v1.67.2	go-module
gopkg.in/yaml.v3	v3.0.1	go-module

Minimus Image

Public Image

0 Vulnerabilities

Minimus Image

Public Image

This page is available on desktop