Containers & Docker
Distroless Container Image Reference
Search distroless image variants by runtime or use case. Covers distroless/static, distroless/base, Java images, debug variants, and CVE reduction impact.
No data is transmitted — everything runs locallyTool
About this tool
Distroless Container Image Reference
The Distroless Container Image Reference covers static, base, java, and language-specific distroless image variants with debug access patterns and CVE reduction impact.
• Find the correct distroless image for a Go binary compiled with CGO disabled
• Look up distroless debug image syntax before attaching to a distroless container
• Compare distroless vs alpine CVE counts for a security audit
• Reference distroless Java image variants before choosing between JRE and JDK base
Next step
Container Base Image Comparison — Compare container base images by size, compatibility, and attack surface for your runtime.
Open Container Base Image Comparison →
FAQ
What does this tool tell you?
The Distroless Container Image Reference covers static, base, java, and language-specific distroless image variants with debug access patterns and CVE reduction impact.
What affects the result most?
distroless/static: no libc — only for statically compiled binaries (Go, Rust with musl). distroless/base: glibc + libssl — for dynamically linked binaries, no shell or package manager. distroless/java21: JVM + OpenJDK — no JDK tools, only runtime, ~200MB.
How should I use the result?
Use this tool to orient quickly to the concepts, field names, or values you are about to look up in a full specification or vendor documentation. It summarizes the common cases; the authoritative source remains whichever standard or vendor doc defines the values themselves.
Related tools