[
	{
		"filename": "/tekton/home/clair-result-amd64.json",
		"namespace": "required_checks",
		"successes": 6,
		"warnings": [
			{
				"msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: platform-python-3.6.8-75.el8_10 (CVE-2026-4786, CVE-2026-6100), python3-libs-3.6.8-75.el8_10 (CVE-2026-4786, CVE-2026-6100)",
						"name": "clair_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 4
				}
			},
			{
				"msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: libcap-2.48-6.el8_9 (CVE-2026-4878), java-17-openjdk-headless-1:17.0.19.0.10-1.el8 (CVE-2025-66293, CVE-2026-22020, CVE-2026-25646, CVE-2026-26740)",
						"name": "clair_unpatched_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 5
				}
			},
			{
				"msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: xz-libs-5.2.4-4.el8_6 (CVE-2026-34743), libssh-config-0.9.6-16.el8_10 (CVE-2025-5351, CVE-2025-8114, CVE-2026-0964, CVE-2026-0966, CVE-2026-3731), platform-python-3.6.8-75.el8_10 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2025-8291, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713, CVE-2026-6019), glibc-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5450, CVE-2026-5928), libsmartcols-2.32.1-48.el8_10 (CVE-2026-27456), systemd-libs-239-82.el8_10.16 (CVE-2018-20839, CVE-2025-4598, CVE-2026-29111, CVE-2026-4105), coreutils-single-8.30-17.el8_10 (CVE-2025-5278), libmount-2.32.1-48.el8_10 (CVE-2026-27456), openldap-2.4.46-21.el8_10 (CVE-2026-22185), libcurl-7.61.1-34.el8_10.11 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), libssh-0.9.6-16.el8_10 (CVE-2025-5351, CVE-2025-8114, CVE-2026-0964, CVE-2026-0966, CVE-2026-3731), libgcrypt-1.8.5-7.el8_6 (CVE-2019-12904, CVE-2024-2236), glibc-common-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5450, CVE-2026-5928), libarchive-3.3.3-7.el8_10 (CVE-2024-57970, CVE-2025-25724, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), libblkid-2.32.1-48.el8_10 (CVE-2026-27456), avahi-libs-0.7-27.el8_10.1 (CVE-2024-52615, CVE-2024-52616, CVE-2025-59529, CVE-2025-68276, CVE-2025-68468, CVE-2025-68471, CVE-2026-24401, CVE-2026-34933), curl-7.61.1-34.el8_10.11 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805), glib2-2.56.4-168.el8_10 (CVE-2025-14087, CVE-2025-14512, CVE-2026-1484, CVE-2026-1489), glibc-minimal-langpack-2.28-251.el8_10.31 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5450, CVE-2026-5928), expat-2.5.0-1.el8_10 (CVE-2026-32776, CVE-2026-32777, CVE-2026-32778), libzstd-1.4.4-1.el8 (CVE-2022-4899), file-libs-5.33-27.el8_10 (CVE-2019-8905), python3-libs-3.6.8-75.el8_10 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2025-8291, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-5713, CVE-2026-6019), gnupg2-2.2.20-4.el8_10 (CVE-2025-68972), cups-libs-1:2.2.6-67.el8_10 (CVE-2023-4504, CVE-2026-27447, CVE-2026-34978, CVE-2026-34979, CVE-2026-34980, CVE-2026-34990, CVE-2026-39314, CVE-2026-39316), python3-pip-wheel-9.0.3-24.el8 (CVE-2023-45803, CVE-2025-50181, CVE-2025-50182, CVE-2026-25645), libxml2-2.9.7-21.el8_10.3 (CVE-2025-9714, CVE-2026-0990, CVE-2026-1757, CVE-2026-6732), java-17-openjdk-headless-1:17.0.19.0.10-1.el8 (CVE-2025-28164, CVE-2025-64505, CVE-2025-64506, CVE-2026-22693, CVE-2026-22695, CVE-2026-22801, CVE-2026-33416, CVE-2026-33636, CVE-2026-34757, CVE-2026-41254), openssl-libs-1:1.1.1k-15.el8_6 (CVE-2023-0466, CVE-2026-28386, CVE-2026-28390), libuuid-2.32.1-48.el8_10 (CVE-2026-27456), alsa-lib-1.2.10-2.el8 (CVE-2026-25068), tar-2:1.30-11.el8_10 (CVE-2025-45582, CVE-2025-64118, CVE-2026-33056, CVE-2026-5704)",
						"name": "clair_unpatched_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 130
				}
			},
			{
				"msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: libssh-config-0.9.6-16.el8_10 (CVE-2025-4878, CVE-2025-8277, CVE-2026-0965, CVE-2026-0967, CVE-2026-0968), platform-python-3.6.8-75.el8_10 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795, CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), glibc-2.28-251.el8_10.31 (CVE-2026-4438), systemd-libs-239-82.el8_10.16 (CVE-2021-3997), gawk-4.2.1-4.el8 (CVE-2023-4156), libgcc-8.5.0-28.el8_10 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), libcurl-7.61.1-34.el8_10.11 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), nss-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), libssh-0.9.6-16.el8_10 (CVE-2025-4878, CVE-2025-8277, CVE-2026-0965, CVE-2026-0967, CVE-2026-0968), glibc-common-2.28-251.el8_10.31 (CVE-2026-4438), libarchive-3.3.3-7.el8_10 (CVE-2018-1000879, CVE-2018-1000880, CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), avahi-libs-0.7-27.el8_10.1 (CVE-2017-6519), sqlite-libs-3.26.0-20.el8_10 (CVE-2019-19244, CVE-2019-9936, CVE-2019-9937, CVE-2024-0232, CVE-2025-70873), curl-7.61.1-34.el8_10.11 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224), glib2-2.56.4-168.el8_10 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32665, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), ncurses-libs-6.1-10.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-50495), glibc-minimal-langpack-2.28-251.el8_10.31 (CVE-2026-4438), expat-2.5.0-1.el8_10 (CVE-2025-66382, CVE-2026-24515, CVE-2026-41080), libzstd-1.4.4-1.el8 (CVE-2021-24032), nss-util-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), shadow-utils-2:4.6-23.el8_10 (CVE-2024-56433), dbus-libs-1:1.12.8-27.el8_10 (CVE-2020-35512), file-libs-5.33-27.el8_10 (CVE-2019-8906), gnutls-3.6.16-8.el8_10.5 (CVE-2021-4209), pcre2-10.32-3.el8_6 (CVE-2022-41409), nss-softokn-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), python3-libs-3.6.8-75.el8_10 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795, CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), gnupg2-2.2.20-4.el8_10 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), libtasn1-4.13-5.el8_10 (CVE-2018-1000654, CVE-2025-13151), cups-libs-1:2.2.6-67.el8_10 (CVE-2021-25317), ncurses-base-6.1-10.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-50495), nss-sysinit-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), zlib-1.2.11-25.el8 (CVE-2026-27171), python3-pip-wheel-9.0.3-24.el8 (CVE-2018-20225), libxml2-2.9.7-21.el8_10.3 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), java-17-openjdk-headless-1:17.0.19.0.10-1.el8 (CVE-2022-3857, CVE-2026-27171), openssl-libs-1:1.1.1k-15.el8_6 (CVE-2023-0464, CVE-2023-0465, CVE-2023-2650, CVE-2024-0727, CVE-2024-13176, CVE-2024-2511, CVE-2024-41996, CVE-2024-4741, CVE-2025-15468, CVE-2025-15469, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796, CVE-2026-2673, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), nss-softokn-freebl-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), libstdc++-8.5.0-28.el8_10 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), elfutils-libelf-0.190-2.el8 (CVE-2024-25260), tar-2:1.30-11.el8_10 (CVE-2019-9923, CVE-2021-20193, CVE-2023-39804)",
						"name": "clair_unpatched_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 147
				}
			}
		]
	}
]
{"vulnerabilities":{"critical":0,"high":4,"medium":0,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":5,"medium":130,"low":147,"unknown":0}}
{"image": {"pullspec": "quay.io/redhat-appstudio-qe/stat-rep-hkpv/test-component-pac-uqmcip:on-pr-4bac4a385e7e3728269cb1902b6b544c1870baf2", "digests": ["sha256:73e070d1a8448f1e05ef957efd0644af1317fdb66f069e98bbfcb8ebe0bc206e"]}}
{"result":"SUCCESS","timestamp":"2026-04-28T10:02:25+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0}