[
	{
		"filename": "/tekton/home/clair-result-amd64.json",
		"namespace": "required_checks",
		"successes": 5,
		"warnings": [
			{
				"msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glibc-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), openssl-libs-1:3.0.7-16.el9_2 (CVE-2024-12797), libarchive-3.5.3-4.el9 (CVE-2025-5914), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-38545), libxml2-2.9.13-3.el9_1 (CVE-2024-56171, CVE-2025-24928, CVE-2025-49794, CVE-2025-49796, CVE-2025-7425), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-6965), glibc-common-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), libnghttp2-1.43.0-5.el9 (CVE-2023-44487), glibc-minimal-langpack-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-38545), krb5-libs-1.20.1-9.el9_2 (CVE-2023-39975, CVE-2024-3596)",
						"name": "clair_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 22
				}
			},
			{
				"msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glib2-2.68.4-6.el9 (CVE-2024-34397, CVE-2024-52533, CVE-2025-4373), ncurses-base-6.2-8.20210508.el9 (CVE-2023-29491), gmp-1:6.2.0-10.el9 (CVE-2021-43618), rpm-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), libcap-2.48-8.el9 (CVE-2023-2603), libgcc-11.3.1-4.3.el9 (CVE-2020-11023), systemd-libs-252-14.el9_2.1 (CVE-2023-7008), glibc-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), bzip2-libs-1.0.8-8.el9 (CVE-2019-12900), openssl-libs-1:3.0.7-16.el9_2 (CVE-2023-5363, CVE-2024-6119, CVE-2025-9230), libarchive-3.5.3-4.el9 (CVE-2025-25724), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), libxml2-2.9.13-3.el9_1 (CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2023-39615, CVE-2024-25062, CVE-2025-32414, CVE-2025-32415, CVE-2025-6021), sqlite-libs-3.34.1-6.el9_1 (CVE-2023-7104), libtasn1-4.16.0-8.el9_1 (CVE-2024-12133), rpm-libs-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), libstdc++-11.3.1-4.3.el9 (CVE-2020-11023), gnutls-3.7.6-20.el9_2 (CVE-2023-5981, CVE-2024-0553, CVE-2024-0567, CVE-2024-12243, CVE-2024-28834, CVE-2024-28835, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, CVE-2025-6395), glibc-common-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), libgcrypt-1.10.0-10.el9_2 (CVE-2024-2236), libnghttp2-1.43.0-5.el9 (CVE-2024-28182), glibc-minimal-langpack-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-29491), krb5-libs-1.20.1-9.el9_2 (CVE-2023-36054, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371, CVE-2025-24528, CVE-2025-3576)",
						"name": "clair_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 83
				}
			},
			{
				"msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: systemd-libs-252-14.el9_2.1 (CVE-2025-4598), libarchive-3.5.3-4.el9 (CVE-2023-30571, CVE-2025-60753), curl-minimal-7.76.1-23.el9_2.1 (CVE-2025-10966, CVE-2025-9086), libxml2-2.9.13-3.el9_1 (CVE-2025-9714), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-52099), lz4-libs-1.9.3-5.el9 (CVE-2025-62813), coreutils-single-8.32-34.el9 (CVE-2025-5278), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2025-10966, CVE-2025-9086)",
						"name": "clair_unpatched_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 11
				}
			},
			{
				"msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glib2-2.68.4-6.el9 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32665), ncurses-base-6.2-8.20210508.el9 (CVE-2022-29458), libcap-2.48-8.el9 (CVE-2023-2602), file-libs-5.39-12.el9 (CVE-2022-48554), glibc-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), openssl-libs-1:3.0.7-16.el9_2 (CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), glibc-common-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), glibc-minimal-langpack-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), ncurses-libs-6.2-8.20210508.el9 (CVE-2022-29458), krb5-libs-1.20.1-9.el9_2 (CVE-2024-26458, CVE-2024-26461)",
						"name": "clair_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 34
				}
			},
			{
				"msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glib2-2.68.4-6.el9 (CVE-2023-32636, CVE-2025-3360), ncurses-base-6.2-8.20210508.el9 (CVE-2023-50495), libgcc-11.3.1-4.3.el9 (CVE-2022-27943), pcre2-10.40-2.el9 (CVE-2022-41409), openssl-libs-1:3.0.7-16.el9_2 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232), gawk-5.1.0-6.el9 (CVE-2023-4156), libarchive-3.5.3-4.el9 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), pcre2-syntax-10.40-2.el9 (CVE-2022-41409), curl-minimal-7.76.1-23.el9_2.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), libxml2-2.9.13-3.el9_1 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170), sqlite-libs-3.34.1-6.el9_1 (CVE-2024-0232), gnupg2-2.3.3-2.el9_0 (CVE-2022-3219, CVE-2025-30258), libstdc++-11.3.1-4.3.el9 (CVE-2022-27943), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-50495)",
						"name": "clair_unpatched_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 30
				}
			}
		]
	}
]
{"vulnerabilities":{"critical":0,"high":22,"medium":83,"low":34,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":11,"low":30,"unknown":0}}
{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-urwd/gl-multi-component-child-kpzw:on-pr-a72e80da6c98d3b9b7643e4577c2618a05eaa78b", "digests": ["sha256:fd97695a03c20253cb07850ad5b2a2f3f464b81163927b83130c12fb5c93d657"]}}
{"result":"SUCCESS","timestamp":"2026-02-16T14:19:51+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0}