[
	{
		"filename": "/tekton/home/clair-result-amd64.json",
		"namespace": "required_checks",
		"successes": 5,
		"warnings": [
			{
				"msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glibc-common-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-38545), glibc-minimal-langpack-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), glibc-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-6965), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-38545), openssl-libs-1:3.0.7-16.el9_2 (CVE-2024-12797), libxml2-2.9.13-3.el9_1 (CVE-2024-56171, CVE-2025-24928, CVE-2025-49794, CVE-2025-49796, CVE-2025-7425), libarchive-3.5.3-4.el9 (CVE-2025-5914), krb5-libs-1.20.1-9.el9_2 (CVE-2023-39975, CVE-2024-3596), libnghttp2-1.43.0-5.el9 (CVE-2023-44487)",
						"name": "clair_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 22
				}
			},
			{
				"msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: rpm-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), libstdc++-11.3.1-4.3.el9 (CVE-2020-11023), libgcc-11.3.1-4.3.el9 (CVE-2020-11023), gnutls-3.7.6-20.el9_2 (CVE-2023-5981, CVE-2024-0553, CVE-2024-0567, CVE-2024-12243, CVE-2024-28834, CVE-2024-28835, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, CVE-2025-6395), glibc-common-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), bzip2-libs-1.0.8-8.el9 (CVE-2019-12900), gmp-1:6.2.0-10.el9 (CVE-2021-43618), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), systemd-libs-252-14.el9_2.1 (CVE-2023-7008), glibc-minimal-langpack-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), glibc-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), libtasn1-4.16.0-8.el9_1 (CVE-2024-12133), ncurses-base-6.2-8.20210508.el9 (CVE-2023-29491), sqlite-libs-3.34.1-6.el9_1 (CVE-2023-7104), glib2-2.68.4-6.el9 (CVE-2024-34397, CVE-2024-52533, CVE-2025-4373), rpm-libs-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), libgcrypt-1.10.0-10.el9_2 (CVE-2024-2236), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), openssl-libs-1:3.0.7-16.el9_2 (CVE-2023-5363, CVE-2024-6119, CVE-2025-9230), libxml2-2.9.13-3.el9_1 (CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2023-39615, CVE-2024-25062, CVE-2025-32414, CVE-2025-32415, CVE-2025-6021), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-29491), libarchive-3.5.3-4.el9 (CVE-2025-25724), krb5-libs-1.20.1-9.el9_2 (CVE-2023-36054, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371, CVE-2025-24528, CVE-2025-3576), libcap-2.48-8.el9 (CVE-2023-2603), libnghttp2-1.43.0-5.el9 (CVE-2024-28182)",
						"name": "clair_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 83
				}
			},
			{
				"msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: lz4-libs-1.9.3-5.el9 (CVE-2025-62813), curl-minimal-7.76.1-23.el9_2.1 (CVE-2025-10966, CVE-2025-9086), systemd-libs-252-14.el9_2.1 (CVE-2025-4598), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-52099), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2025-10966, CVE-2025-9086), libxml2-2.9.13-3.el9_1 (CVE-2025-9714), libarchive-3.5.3-4.el9 (CVE-2023-30571, CVE-2025-60753), coreutils-single-8.32-34.el9 (CVE-2025-5278)",
						"name": "clair_unpatched_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 11
				}
			},
			{
				"msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: glibc-common-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), curl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), glibc-minimal-langpack-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), glibc-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), ncurses-base-6.2-8.20210508.el9 (CVE-2022-29458), glib2-2.68.4-6.el9 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32665), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), openssl-libs-1:3.0.7-16.el9_2 (CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535), ncurses-libs-6.2-8.20210508.el9 (CVE-2022-29458), krb5-libs-1.20.1-9.el9_2 (CVE-2024-26458, CVE-2024-26461), libcap-2.48-8.el9 (CVE-2023-2602), file-libs-5.39-12.el9 (CVE-2022-48554)",
						"name": "clair_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 34
				}
			},
			{
				"msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: libstdc++-11.3.1-4.3.el9 (CVE-2022-27943), libgcc-11.3.1-4.3.el9 (CVE-2022-27943), pcre2-syntax-10.40-2.el9 (CVE-2022-41409), curl-minimal-7.76.1-23.el9_2.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), ncurses-base-6.2-8.20210508.el9 (CVE-2023-50495), sqlite-libs-3.34.1-6.el9_1 (CVE-2024-0232), pcre2-10.40-2.el9 (CVE-2022-41409), glib2-2.68.4-6.el9 (CVE-2023-32636, CVE-2025-3360), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), openssl-libs-1:3.0.7-16.el9_2 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232), libxml2-2.9.13-3.el9_1 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-50495), libarchive-3.5.3-4.el9 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), gawk-5.1.0-6.el9 (CVE-2023-4156), gnupg2-2.3.3-2.el9_0 (CVE-2022-3219, CVE-2025-30258)",
						"name": "clair_unpatched_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 30
				}
			}
		]
	}
]
{"vulnerabilities":{"critical":0,"high":22,"medium":83,"low":34,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":0,"medium":11,"low":30,"unknown":0}}
{"image": {"pullspec": "quay.io/redhat-appstudio-qe/build-e2e-urwd/gl-multi-component-child-kpzw:48e7c1f7e45798f81eb9bb6e2825991220caac6a", "digests": ["sha256:bc063db5554030db80da5ec7ce2c21fa55f8eecc65c097f038fafb72b450de07"]}}
{"result":"SUCCESS","timestamp":"2026-02-16T14:23:12+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0}