[
	{
		"filename": "/tekton/home/clair-result-amd64.json",
		"namespace": "required_checks",
		"successes": 5,
		"warnings": [
			{
				"msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glibc-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-38545), openssl-libs-1:3.0.7-16.el9_2 (CVE-2024-12797), glibc-minimal-langpack-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), libnghttp2-1.43.0-5.el9 (CVE-2023-44487), krb5-libs-1.20.1-9.el9_2 (CVE-2023-39975, CVE-2024-3596), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-38545), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-6965), libxml2-2.9.13-3.el9_1 (CVE-2024-56171, CVE-2025-24928, CVE-2025-49794, CVE-2025-49796, CVE-2025-7425), libarchive-3.5.3-4.el9 (CVE-2025-5914), glibc-common-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599)",
						"name": "clair_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 22
				}
			},
			{
				"msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glibc-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), libcap-2.48-8.el9 (CVE-2023-2603), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), gnutls-3.7.6-20.el9_2 (CVE-2023-5981, CVE-2024-0553, CVE-2024-0567, CVE-2024-12243, CVE-2024-28834, CVE-2024-28835, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, CVE-2025-6395), libgcrypt-1.10.0-10.el9_2 (CVE-2024-2236), openssl-libs-1:3.0.7-16.el9_2 (CVE-2023-5363, CVE-2024-6119, CVE-2025-9230), libtasn1-4.16.0-8.el9_1 (CVE-2024-12133), glibc-minimal-langpack-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), glib2-2.68.4-6.el9 (CVE-2024-34397, CVE-2024-52533, CVE-2025-4373), libnghttp2-1.43.0-5.el9 (CVE-2024-28182), rpm-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-29491), libgcc-11.3.1-4.3.el9 (CVE-2020-11023), bzip2-libs-1.0.8-8.el9 (CVE-2019-12900), krb5-libs-1.20.1-9.el9_2 (CVE-2023-36054, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371, CVE-2025-24528, CVE-2025-3576), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), sqlite-libs-3.34.1-6.el9_1 (CVE-2023-7104), libxml2-2.9.13-3.el9_1 (CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2023-39615, CVE-2024-25062, CVE-2025-32414, CVE-2025-32415, CVE-2025-6021), libarchive-3.5.3-4.el9 (CVE-2025-25724), rpm-libs-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), glibc-common-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), gmp-1:6.2.0-10.el9 (CVE-2021-43618), libstdc++-11.3.1-4.3.el9 (CVE-2020-11023), ncurses-base-6.2-8.20210508.el9 (CVE-2023-29491), systemd-libs-252-14.el9_2.1 (CVE-2023-7008)",
						"name": "clair_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 83
				}
			},
			{
				"msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2025-10966, CVE-2025-9086), lz4-libs-1.9.3-5.el9 (CVE-2025-62813), coreutils-single-8.32-34.el9 (CVE-2025-5278), curl-minimal-7.76.1-23.el9_2.1 (CVE-2025-10966, CVE-2025-9086), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-52099), libxml2-2.9.13-3.el9_1 (CVE-2025-9714), libarchive-3.5.3-4.el9 (CVE-2023-30571, CVE-2025-60753), systemd-libs-252-14.el9_2.1 (CVE-2025-4598)",
						"name": "clair_unpatched_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 11
				}
			},
			{
				"msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glibc-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), libcap-2.48-8.el9 (CVE-2023-2602), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), file-libs-5.39-12.el9 (CVE-2022-48554), openssl-libs-1:3.0.7-16.el9_2 (CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535), glibc-minimal-langpack-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), glib2-2.68.4-6.el9 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32665), ncurses-libs-6.2-8.20210508.el9 (CVE-2022-29458), krb5-libs-1.20.1-9.el9_2 (CVE-2024-26458, CVE-2024-26461), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), glibc-common-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), ncurses-base-6.2-8.20210508.el9 (CVE-2022-29458)",
						"name": "clair_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 34
				}
			},
			{
				"msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), openssl-libs-1:3.0.7-16.el9_2 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232), glib2-2.68.4-6.el9 (CVE-2023-32636, CVE-2025-3360), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-50495), gnupg2-2.3.3-2.el9_0 (CVE-2022-3219, CVE-2025-30258), libgcc-11.3.1-4.3.el9 (CVE-2022-27943), gawk-5.1.0-6.el9 (CVE-2023-4156), curl-minimal-7.76.1-23.el9_2.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), sqlite-libs-3.34.1-6.el9_1 (CVE-2024-0232), pcre2-syntax-10.40-2.el9 (CVE-2022-41409), libxml2-2.9.13-3.el9_1 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170), libarchive-3.5.3-4.el9 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), pcre2-10.40-2.el9 (CVE-2022-41409), libstdc++-11.3.1-4.3.el9 (CVE-2022-27943), ncurses-base-6.2-8.20210508.el9 (CVE-2023-50495)",
						"name": "clair_unpatched_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 30
				}
			}
		]
	}
]
{"vulnerabilities":{"critical":0,"high":22,"medium":83,"low":34,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":11,"low":30,"unknown":0}}
{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-urwd/gl-multi-component-child-kpzw:on-pr-d63e94324c4b09e2761e925740224f6ee3235921", "digests": ["sha256:7f671ff03e513bfcd0b44aaabb9d24097245da36f9cd6a25cb53288d179b3e9d"]}}
{"result":"SUCCESS","timestamp":"2026-02-16T14:22:09+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0}