[
	{
		"filename": "/tekton/home/clair-result-amd64.json",
		"namespace": "required_checks",
		"successes": 5,
		"warnings": [
			{
				"msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: krb5-libs-1.18.2-33.el8_10 (CVE-2026-40356)",
						"name": "clair_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 1
				}
			},
			{
				"msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: java-17-openjdk-headless-1:17.0.19.0.10-1.el8 (CVE-2025-66293, CVE-2026-22020, CVE-2026-25646, CVE-2026-26740), gnutls-3.6.16-8.el8_10.5 (CVE-2026-33845, CVE-2026-33846, CVE-2026-42010)",
						"name": "clair_unpatched_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 7
				}
			},
			{
				"msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: krb5-libs-1.18.2-33.el8_10 (CVE-2026-40355)",
						"name": "clair_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 1
				}
			},
			{
				"msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: java-17-openjdk-headless-1:17.0.19.0.10-1.el8 (CVE-2025-28164, CVE-2025-64505, CVE-2025-64506, CVE-2026-22693, CVE-2026-22695, CVE-2026-22801, CVE-2026-33416, CVE-2026-33636, CVE-2026-34757, CVE-2026-41254), platform-python-3.6.8-76.el8_10 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2025-8291, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-42308, CVE-2026-5713, CVE-2026-6019), alsa-lib-1.2.10-2.el8 (CVE-2026-25068), cups-libs-1:2.2.6-67.el8_10 (CVE-2023-4504, CVE-2026-27447, CVE-2026-34978, CVE-2026-34979, CVE-2026-34980, CVE-2026-34990, CVE-2026-39314, CVE-2026-39316), openldap-2.4.46-21.el8_10 (CVE-2026-22185), systemd-libs-239-82.el8_10.16 (CVE-2018-20839, CVE-2025-4598, CVE-2026-29111, CVE-2026-4105), libssh-0.9.6-16.el8_10 (CVE-2025-5351, CVE-2025-8114, CVE-2026-0964, CVE-2026-0966, CVE-2026-3731), glibc-common-2.28-251.el8_10.34 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), python3-libs-3.6.8-76.el8_10 (CVE-2025-11468, CVE-2025-12781, CVE-2025-13837, CVE-2025-15282, CVE-2025-4516, CVE-2025-6069, CVE-2025-8291, CVE-2026-0672, CVE-2026-1502, CVE-2026-3644, CVE-2026-4224, CVE-2026-42308, CVE-2026-5713, CVE-2026-6019), glibc-2.28-251.el8_10.34 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), coreutils-single-8.30-17.el8_10 (CVE-2025-5278), gnupg2-2.2.20-4.el8_10 (CVE-2025-68972), libuuid-2.32.1-48.el8_10 (CVE-2026-27456), libssh-config-0.9.6-16.el8_10 (CVE-2025-5351, CVE-2025-8114, CVE-2026-0964, CVE-2026-0966, CVE-2026-3731), libarchive-3.3.3-7.el8_10 (CVE-2024-57970, CVE-2025-25724, CVE-2025-60753, CVE-2026-4426, CVE-2026-5745), python3-pip-wheel-9.0.3-24.el8 (CVE-2023-45803, CVE-2025-50181, CVE-2025-50182, CVE-2026-25645), libzstd-1.4.4-1.el8 (CVE-2022-4899), tar-2:1.30-11.el8_10 (CVE-2025-45582, CVE-2025-64118, CVE-2026-33056, CVE-2026-5704), xz-libs-5.2.4-4.el8_6 (CVE-2026-34743), file-libs-5.33-27.el8_10 (CVE-2019-8905), openssl-libs-1:1.1.1k-15.el8_6 (CVE-2023-0466, CVE-2026-28390), libcurl-7.61.1-34.el8_10.11 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805, CVE-2026-4873, CVE-2026-5545, CVE-2026-5773, CVE-2026-6253, CVE-2026-6429), libblkid-2.32.1-48.el8_10 (CVE-2026-27456), gnutls-3.6.16-8.el8_10.5 (CVE-2026-3833, CVE-2026-42011), libsmartcols-2.32.1-48.el8_10 (CVE-2026-27456), libmount-2.32.1-48.el8_10 (CVE-2026-27456), libgcrypt-1.8.5-7.el8_6 (CVE-2019-12904, CVE-2024-2236, CVE-2026-41989), expat-2.5.0-1.el8_10 (CVE-2026-32776, CVE-2026-32777, CVE-2026-32778), glibc-minimal-langpack-2.28-251.el8_10.34 (CVE-2026-4046, CVE-2026-4437, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928), glib2-2.56.4-169.el8_10 (CVE-2026-1484, CVE-2026-1489), libxml2-2.9.7-21.el8_10.4 (CVE-2026-0990, CVE-2026-1757, CVE-2026-6732), curl-7.61.1-34.el8_10.11 (CVE-2025-13034, CVE-2025-14017, CVE-2026-1965, CVE-2026-3783, CVE-2026-3784, CVE-2026-3805, CVE-2026-4873, CVE-2026-5545, CVE-2026-5773, CVE-2026-6253, CVE-2026-6429), avahi-libs-0.7-27.el8_10.1 (CVE-2024-52615, CVE-2024-52616, CVE-2025-59529, CVE-2025-68276, CVE-2025-68468, CVE-2025-68471, CVE-2026-24401, CVE-2026-34933)",
						"name": "clair_unpatched_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 144
				}
			},
			{
				"msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: java-17-openjdk-headless-1:17.0.19.0.10-1.el8 (CVE-2022-3857, CVE-2026-27171), dbus-libs-1:1.12.8-28.el8_10 (CVE-2020-35512), pcre2-10.32-3.el8_6 (CVE-2022-41409), platform-python-3.6.8-76.el8_10 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795, CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), gawk-4.2.1-4.el8 (CVE-2023-4156), libgcc-8.5.0-28.el8_10 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), cups-libs-1:2.2.6-67.el8_10 (CVE-2021-25317, CVE-2026-41079), elfutils-libelf-0.190-2.el8 (CVE-2024-25260), systemd-libs-239-82.el8_10.16 (CVE-2021-3997), libssh-0.9.6-16.el8_10 (CVE-2025-4878, CVE-2025-8277, CVE-2026-0965, CVE-2026-0967, CVE-2026-0968), libstdc++-8.5.0-28.el8_10 (CVE-2018-20657, CVE-2019-14250, CVE-2022-27943), glibc-common-2.28-251.el8_10.34 (CVE-2026-4438), python3-libs-3.6.8-76.el8_10 (CVE-2019-9674, CVE-2024-0397, CVE-2024-7592, CVE-2025-1795, CVE-2025-6075, CVE-2026-2297, CVE-2026-3479), glibc-2.28-251.el8_10.34 (CVE-2026-4438), gnupg2-2.2.20-4.el8_10 (CVE-2022-3219, CVE-2025-30258, CVE-2026-24883), libssh-config-0.9.6-16.el8_10 (CVE-2025-4878, CVE-2025-8277, CVE-2026-0965, CVE-2026-0967, CVE-2026-0968), libarchive-3.3.3-7.el8_10 (CVE-2018-1000879, CVE-2018-1000880, CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), python3-pip-wheel-9.0.3-24.el8 (CVE-2018-20225), shadow-utils-2:4.6-23.el8_10 (CVE-2024-56433), libtasn1-4.13-5.el8_10 (CVE-2018-1000654, CVE-2025-13151), libzstd-1.4.4-1.el8 (CVE-2021-24032), tar-2:1.30-11.el8_10 (CVE-2019-9923, CVE-2021-20193, CVE-2023-39804), nss-softokn-freebl-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), ncurses-base-6.1-10.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-50495), file-libs-5.33-27.el8_10 (CVE-2019-8906), zlib-1.2.11-25.el8 (CVE-2026-27171), nss-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), ncurses-libs-6.1-10.20180224.el8 (CVE-2018-19211, CVE-2020-19185, CVE-2020-19186, CVE-2020-19187, CVE-2020-19188, CVE-2020-19189, CVE-2020-19190, CVE-2021-39537, CVE-2023-50495), nss-sysinit-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), openssl-libs-1:1.1.1k-15.el8_6 (CVE-2023-0464, CVE-2023-0465, CVE-2023-2650, CVE-2024-0727, CVE-2024-13176, CVE-2024-2511, CVE-2024-41996, CVE-2024-4741, CVE-2025-15468, CVE-2025-15469, CVE-2025-68160, CVE-2025-69418, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789), nss-softokn-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), libcurl-7.61.1-34.el8_10.11 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224, CVE-2026-6276), gnutls-3.6.16-8.el8_10.5 (CVE-2021-4209, CVE-2026-3832), nss-util-3.112.0-8.el8_10 (CVE-2020-12413, CVE-2024-7531), libgcrypt-1.8.5-7.el8_6 (CVE-2026-41990), expat-2.5.0-1.el8_10 (CVE-2025-66382, CVE-2026-24515, CVE-2026-41080), glibc-minimal-langpack-2.28-251.el8_10.34 (CVE-2026-4438), glib2-2.56.4-169.el8_10 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32665, CVE-2025-3360, CVE-2025-7039, CVE-2026-0988, CVE-2026-1485), sqlite-libs-3.26.0-20.el8_10 (CVE-2019-19244, CVE-2019-9936, CVE-2019-9937, CVE-2024-0232, CVE-2025-70873), libxml2-2.9.7-21.el8_10.4 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170, CVE-2026-0989, CVE-2026-0992), curl-7.61.1-34.el8_10.11 (CVE-2023-27534, CVE-2024-11053, CVE-2024-7264, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224, CVE-2026-6276), avahi-libs-0.7-27.el8_10.1 (CVE-2017-6519)",
						"name": "clair_unpatched_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 151
				}
			}
		]
	}
]
{"vulnerabilities":{"critical":0,"high":1,"medium":1,"low":0,"unknown":0},"unpatched_vulnerabilities":{"critical":0,"high":7,"medium":144,"low":151,"unknown":0}}
{"image": {"pullspec": "quay.io/redhat-appstudio-qe/gitlab-rep-yxbh/test-comp-pac-gitlab-rfoshr:on-pr-3e2780a3a219e3d09d6df37ecd3187a486eb3eb8", "digests": ["sha256:f0714d7c21792de7ca2caf7916933fed5cf5d9a7e6c4ac980d3bcb03d13a134e"]}}
{"result":"SUCCESS","timestamp":"2026-05-18T20:46:07+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0}