[
	{
		"filename": "/tekton/home/clair-result-amd64.json",
		"namespace": "required_checks",
		"successes": 3,
		"warnings": [
			{
				"msg": "Found packages with high vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: git-2.39.3-1.el9_2 (CVE-2024-32002, CVE-2024-32004, CVE-2025-48384, CVE-2025-48385), freetype-2.10.4-9.el9 (CVE-2025-27363), libpq-devel-13.5-1.el9 (CVE-2025-1094), glibc-minimal-langpack-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), krb5-devel-1.20.1-8.el9 (CVE-2023-39975, CVE-2024-3596), mod_ldap-2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), libeconf-0.4.1-2.el9 (CVE-2023-30079), freetype-devel-2.10.4-9.el9 (CVE-2025-27363), mod_session-2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), openssh-clients-8.7p1-29.el9_2 (CVE-2023-38408, CVE-2024-6387), libxml2-devel-2.9.13-3.el9_1 (CVE-2024-56171, CVE-2025-24928, CVE-2025-49794, CVE-2025-49796, CVE-2025-7425), pam-1.5.1-14.el9 (CVE-2024-10963, CVE-2025-6020, CVE-2025-8941), mod_ssl-1:2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), rsync-3.2.3-19.el9 (CVE-2024-12085), libwebp-1.2.0-6.el9_1 (CVE-2023-4863), glibc-locale-source-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), libxslt-1.1.34-9.el9 (CVE-2024-55549, CVE-2025-24855), glibc-devel-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), glibc-langpack-en-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), glibc-gconv-extra-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), git-core-doc-2.39.3-1.el9_2 (CVE-2024-32002, CVE-2024-32004, CVE-2025-48384, CVE-2025-48385), perl-Git-2.39.3-1.el9_2 (CVE-2024-32002, CVE-2024-32004, CVE-2025-48384, CVE-2025-48385), python3-libs-3.9.16-1.el9 (CVE-2023-24329, CVE-2023-40217, CVE-2023-6597, CVE-2024-12718, CVE-2025-4138, CVE-2025-4517), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-38545), libtiff-devel-4.4.0-7.el9 (CVE-2025-8176, CVE-2025-9900), glibc-headers-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), python3-setuptools-wheel-53.0.0-12.el9 (CVE-2024-6345), python3-3.9.16-1.el9 (CVE-2023-24329, CVE-2023-40217, CVE-2023-6597, CVE-2024-12718, CVE-2025-4138, CVE-2025-4517), libkadm5-1.20.1-8.el9 (CVE-2023-39975, CVE-2024-3596), curl-minimal-7.76.1-23.el9 (CVE-2023-38545), krb5-libs-1.20.1-8.el9 (CVE-2023-39975, CVE-2024-3596), httpd-core-2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), httpd-2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), httpd-filesystem-2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), npm-1:8.19.3-1.16.19.1.1.el9_2 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-6965), sqlite-3.34.1-6.el9_1 (CVE-2025-6965), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-6965), nodejs-docs-1:16.19.1-1.el9_2 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-6965), libpq-13.5-1.el9 (CVE-2025-1094), less-590-1.el9_0 (CVE-2024-32487), httpd-tools-2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), libdnf-plugin-subscription-manager-1.29.33.1-1.el9_2 (CVE-2023-3899), libwebp-devel-1.2.0-6.el9_1 (CVE-2023-4863), python3-subscription-manager-rhsm-1.29.33.1-1.el9_2 (CVE-2023-3899), git-core-2.39.3-1.el9_2 (CVE-2024-32002, CVE-2024-32004, CVE-2025-48384, CVE-2025-48385), libarchive-3.5.3-4.el9 (CVE-2025-5914), httpd-devel-2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), emacs-filesystem-1:27.2-8.el9_2.1 (CVE-2025-1244), nodejs-1:16.19.1-1.el9_2 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-6965), glibc-common-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), openssl-devel-1:3.0.7-6.el9_2 (CVE-2024-12797), openssl-1:3.0.7-6.el9_2 (CVE-2024-12797), nodejs-full-i18n-1:16.19.1-1.el9_2 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-21892, CVE-2024-21896, CVE-2024-22017, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-6965), sqlite-devel-3.34.1-6.el9_1 (CVE-2025-6965), python3-cloud-what-1.29.33.1-1.el9_2 (CVE-2023-3899), nodejs-libs-1:16.19.1-1.el9_2 (CVE-2023-30581, CVE-2023-32002, CVE-2023-32006, CVE-2023-32067, CVE-2023-44487, CVE-2024-22019, CVE-2024-27983, CVE-2025-23083, CVE-2025-23166, CVE-2025-3277, CVE-2025-6965), libxslt-devel-1.1.34-9.el9 (CVE-2024-55549, CVE-2025-24855), python3-devel-3.9.16-1.el9 (CVE-2023-24329, CVE-2023-40217, CVE-2023-6597, CVE-2024-12718, CVE-2025-4138, CVE-2025-4517), glibc-2.34-60.el9 (CVE-2023-4911, CVE-2024-2961, CVE-2024-33599), libcurl-devel-7.76.1-23.el9_2.1 (CVE-2023-38545), mod_lua-2.4.53-11.el9_2.5 (CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477), subscription-manager-1.29.33.1-1.el9_2 (CVE-2023-3899), python3-setuptools-53.0.0-12.el9 (CVE-2024-6345), openssl-libs-1:3.0.7-6.el9_2 (CVE-2024-12797), bsdtar-3.5.3-4.el9 (CVE-2025-5914), openssh-8.7p1-29.el9_2 (CVE-2023-38408, CVE-2024-6387), libnghttp2-1.43.0-5.el9 (CVE-2023-44487), libtiff-4.4.0-7.el9 (CVE-2025-8176, CVE-2025-9900), libxml2-2.9.13-3.el9_1 (CVE-2024-56171, CVE-2025-24928, CVE-2025-49794, CVE-2025-49796, CVE-2025-7425)",
						"name": "clair_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 220
				}
			},
			{
				"msg": "Found packages with unpatched high vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: expat-devel-2.5.0-1.el9 (CVE-2025-59375), expat-2.5.0-1.el9 (CVE-2025-59375)",
						"name": "clair_unpatched_high_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 2
				}
			},
			{
				"msg": "Found packages with medium vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: git-2.39.3-1.el9_2 (CVE-2024-32465, CVE-2024-52005, CVE-2025-27613, CVE-2025-27614), perl-vars-1.05-480.el9 (CVE-2023-47038, CVE-2025-40909), go-srpm-macros-3.2.0-1.el9 (CVE-2025-47906), perl-base-2.27-480.el9 (CVE-2023-47038, CVE-2025-40909), libicu-67.1-9.el9 (CVE-2025-5222), bzip2-libs-1.0.8-8.el9 (CVE-2019-12900), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2025-53905, CVE-2025-53906), libstdc++-devel-11.3.1-4.3.el9 (CVE-2020-11023), rpm-sign-libs-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), gcc-c++-11.3.1-4.3.el9 (CVE-2020-11023), gcc-gfortran-11.3.1-4.3.el9 (CVE-2020-11023), libXpm-3.5.13-8.el9_1 (CVE-2023-43788, CVE-2023-43789), gcc-11.3.1-4.3.el9 (CVE-2020-11023), glibc-minimal-langpack-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), perl-Fcntl-1.13-480.el9 (CVE-2023-47038, CVE-2025-40909), perl-SelectSaver-1.02-480.el9 (CVE-2023-47038, CVE-2025-40909), pixman-0.40.0-5.el9 (CVE-2022-44638), krb5-devel-1.20.1-8.el9 (CVE-2023-36054, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371, CVE-2025-24528, CVE-2025-3576), mod_ldap-2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), gnutls-3.7.6-20.el9_2 (CVE-2023-5981, CVE-2024-0553, CVE-2024-0567, CVE-2024-12243, CVE-2024-28834, CVE-2024-28835, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, CVE-2025-6395), libeconf-0.4.1-2.el9 (CVE-2023-22652), ncurses-base-6.2-8.20210508.el9 (CVE-2023-29491), libstdc++-11.3.1-4.3.el9 (CVE-2020-11023), mod_session-2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), openssh-clients-8.7p1-29.el9_2 (CVE-2023-48795, CVE-2023-51385, CVE-2024-6409, CVE-2025-26465), libgfortran-11.3.1-4.3.el9 (CVE-2020-11023), libxml2-devel-2.9.13-3.el9_1 (CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2023-39615, CVE-2024-25062, CVE-2025-32414, CVE-2025-32415, CVE-2025-6021), pam-1.5.1-14.el9 (CVE-2024-10041, CVE-2024-22365), tpm2-tss-3.0.3-8.el9 (CVE-2023-22745), perl-FileHandle-2.03-480.el9 (CVE-2023-47038, CVE-2025-40909), mod_ssl-1:2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), rsync-3.2.3-19.el9 (CVE-2024-12087, CVE-2024-12088, CVE-2024-12747), glibc-locale-source-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), perl-HTTP-Tiny-0.076-460.el9 (CVE-2023-31486), bzip2-1.0.8-8.el9 (CVE-2019-12900), glibc-devel-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), glibc-langpack-en-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2025-53905, CVE-2025-53906), libXpm-devel-3.5.13-8.el9_1 (CVE-2023-43788, CVE-2023-43789), glibc-gconv-extra-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), mod_http2-1.15.19-4.el9_2.4 (CVE-2023-43622, CVE-2023-45802, CVE-2024-27316, CVE-2025-49630), perl-Getopt-Std-1.12-480.el9 (CVE-2023-47038, CVE-2025-40909), git-core-doc-2.39.3-1.el9_2 (CVE-2024-32465, CVE-2024-52005, CVE-2025-27613, CVE-2025-27614), perl-Git-2.39.3-1.el9_2 (CVE-2024-32465, CVE-2024-52005, CVE-2025-27613, CVE-2025-27614), perl-File-stat-1.09-480.el9 (CVE-2023-47038, CVE-2025-40909), python3-libs-3.9.16-1.el9 (CVE-2023-27043, CVE-2024-0450, CVE-2024-11168, CVE-2024-6232, CVE-2024-6923, CVE-2024-8088, CVE-2024-9287, CVE-2025-0938, CVE-2025-4330, CVE-2025-4435), perl-File-Copy-2.34-480.el9 (CVE-2023-47038, CVE-2025-40909), systemd-libs-252-13.el9_2 (CVE-2023-7008), apr-1.7.0-11.el9 (CVE-2022-24963), libquadmath-11.3.1-4.3.el9 (CVE-2020-11023), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), libtiff-devel-4.4.0-7.el9 (CVE-2017-17095, CVE-2022-40090, CVE-2022-48281, CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, CVE-2023-26965, CVE-2023-26966, CVE-2023-2731, CVE-2023-3316, CVE-2023-3576, CVE-2023-3618, CVE-2023-40745, CVE-2023-41175, CVE-2023-52355, CVE-2023-52356, CVE-2024-7006), rpm-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), rpm-libs-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), glibc-headers-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), perl-IPC-Open3-1.21-480.el9 (CVE-2023-47038, CVE-2025-40909), libgcrypt-1.10.0-10.el9_1 (CVE-2024-2236), dbus-1:1.12.20-7.el9_1 (CVE-2023-34969), python3-3.9.16-1.el9 (CVE-2023-27043, CVE-2024-0450, CVE-2024-11168, CVE-2024-6232, CVE-2024-6923, CVE-2024-8088, CVE-2024-9287, CVE-2025-0938, CVE-2025-4330, CVE-2025-4435), libkadm5-1.20.1-8.el9 (CVE-2023-36054, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371, CVE-2025-24528, CVE-2025-3576), perl-B-1.80-480.el9 (CVE-2023-47038, CVE-2025-40909), libicu-devel-67.1-9.el9 (CVE-2025-5222), curl-minimal-7.76.1-23.el9 (CVE-2023-27535, CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), perl-mro-1.23-480.el9 (CVE-2023-47038, CVE-2025-40909), krb5-libs-1.20.1-8.el9 (CVE-2023-36054, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371, CVE-2025-24528, CVE-2025-3576), httpd-core-2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), httpd-2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), harfbuzz-icu-2.7.4-8.el9 (CVE-2023-25193), ncurses-6.2-8.20210508.el9 (CVE-2023-29491), httpd-filesystem-2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), npm-1:8.19.3-1.16.19.1.1.el9_2 (CVE-2021-35065, CVE-2022-25881, CVE-2022-25883, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2023-38552, CVE-2023-46809, CVE-2024-21890, CVE-2024-21891, CVE-2024-22020, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2024-28863, CVE-2025-22150, CVE-2025-23085, CVE-2025-23167, CVE-2025-31498), perl-Errno-1.30-480.el9 (CVE-2023-47038, CVE-2025-40909), systemd-pam-252-13.el9_2 (CVE-2023-7008), libquadmath-devel-11.3.1-4.3.el9 (CVE-2020-11023), binutils-gold-2.35.2-37.el9 (CVE-2022-4285), sqlite-3.34.1-6.el9_1 (CVE-2023-7104), sqlite-libs-3.34.1-6.el9_1 (CVE-2023-7104), nodejs-docs-1:16.19.1-1.el9_2 (CVE-2021-35065, CVE-2022-25881, CVE-2022-25883, CVE-2022-3517, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2023-38552, CVE-2023-46809, CVE-2024-21890, CVE-2024-21891, CVE-2024-22020, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2024-28863, CVE-2025-22150, CVE-2025-23085, CVE-2025-23167, CVE-2025-31498), perl-if-0.60.800-480.el9 (CVE-2023-47038, CVE-2025-40909), libgcc-11.3.1-4.3.el9 (CVE-2020-11023), harfbuzz-2.7.4-8.el9 (CVE-2023-25193), perl-overload-1.31-480.el9 (CVE-2023-47038, CVE-2025-40909), libcap-2.48-8.el9 (CVE-2023-2603), less-590-1.el9_0 (CVE-2022-46663, CVE-2022-48624), perl-Symbol-1.08-480.el9 (CVE-2023-47038, CVE-2025-40909), qt5-srpm-macros-5.15.3-1.el9 (CVE-2023-33285, CVE-2023-34410), httpd-tools-2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), perl-Class-Struct-0.66-480.el9 (CVE-2023-47038, CVE-2025-40909), rpm-build-libs-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), perl-libs-4:5.32.1-480.el9 (CVE-2023-47038, CVE-2025-40909), dbus-common-1:1.12.20-7.el9_1 (CVE-2023-34969), harfbuzz-devel-2.7.4-8.el9 (CVE-2023-25193), apr-devel-1.7.0-11.el9 (CVE-2022-24963), bzip2-devel-1.0.8-8.el9 (CVE-2019-12900), libX11-devel-1.7.0-7.el9 (CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787), git-core-2.39.3-1.el9_2 (CVE-2024-32465, CVE-2024-52005, CVE-2025-27613, CVE-2025-27614), perl-POSIX-1.94-480.el9 (CVE-2023-47038, CVE-2025-40909), perl-lib-0.65-480.el9 (CVE-2023-47038, CVE-2025-40909), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-29491), libarchive-3.5.3-4.el9 (CVE-2025-25724), perl-NDBM_File-1.15-480.el9 (CVE-2023-47038, CVE-2025-40909), libjpeg-turbo-2.0.90-6.el9_1 (CVE-2021-29390), httpd-devel-2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), emacs-filesystem-1:27.2-8.el9_2.1 (CVE-2024-30203, CVE-2024-30204, CVE-2024-30205, CVE-2024-39331, CVE-2024-53920), gmp-1:6.2.0-10.el9 (CVE-2021-43618), nodejs-1:16.19.1-1.el9_2 (CVE-2021-35065, CVE-2022-25881, CVE-2022-25883, CVE-2022-3517, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2023-38552, CVE-2023-46809, CVE-2024-21890, CVE-2024-21891, CVE-2024-22020, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2024-28863, CVE-2025-22150, CVE-2025-23085, CVE-2025-23167, CVE-2025-31498), libgomp-11.3.1-4.3.el9 (CVE-2020-11023), dbus-libs-1:1.12.20-7.el9_1 (CVE-2023-34969), perl-subs-1.03-480.el9 (CVE-2023-47038, CVE-2025-40909), perl-File-Compare-1.100.600-480.el9 (CVE-2023-47038, CVE-2025-40909), perl-File-Basename-2.85-480.el9 (CVE-2023-47038, CVE-2025-40909), cpp-11.3.1-4.3.el9 (CVE-2020-11023), glibc-common-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), binutils-2.35.2-37.el9 (CVE-2022-4285), systemd-252-13.el9_2 (CVE-2023-7008), expat-devel-2.5.0-1.el9 (CVE-2023-52425, CVE-2024-28757, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-8176), glib2-devel-2.68.4-6.el9 (CVE-2024-34397, CVE-2024-52533, CVE-2025-4373), openssl-devel-1:3.0.7-6.el9_2 (CVE-2023-0466, CVE-2023-2650, CVE-2023-5363, CVE-2024-6119, CVE-2025-9230), openssl-1:3.0.7-6.el9_2 (CVE-2023-0466, CVE-2023-2650, CVE-2023-5363, CVE-2024-6119, CVE-2025-9230), nodejs-full-i18n-1:16.19.1-1.el9_2 (CVE-2021-35065, CVE-2022-25881, CVE-2022-25883, CVE-2022-3517, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23936, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2023-38552, CVE-2023-46809, CVE-2024-21890, CVE-2024-21891, CVE-2024-22020, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2024-28863, CVE-2025-22150, CVE-2025-23085, CVE-2025-23167, CVE-2025-31498), libjpeg-turbo-devel-2.0.90-6.el9_1 (CVE-2021-29390), glib2-2.68.4-6.el9 (CVE-2024-34397, CVE-2024-52533, CVE-2025-4373), expat-2.5.0-1.el9 (CVE-2023-52425, CVE-2024-28757, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-8176), sqlite-devel-3.34.1-6.el9_1 (CVE-2023-7104), perl-DynaLoader-1.47-480.el9 (CVE-2023-47038, CVE-2025-40909), nodejs-libs-1:16.19.1-1.el9_2 (CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-31130, CVE-2023-31147, CVE-2023-32559, CVE-2024-22025, CVE-2024-27982, CVE-2024-28182, CVE-2025-22150, CVE-2025-23085, CVE-2025-31498), libuv-1:1.42.0-1.el9 (CVE-2024-24806), perl-AutoLoader-5.74-480.el9 (CVE-2023-47038, CVE-2025-40909), python3-devel-3.9.16-1.el9 (CVE-2023-27043, CVE-2024-0450, CVE-2024-11168, CVE-2024-6232, CVE-2024-6923, CVE-2024-8088, CVE-2024-9287, CVE-2025-0938, CVE-2025-4330, CVE-2025-4435), python3-idna-2.10-7.el9 (CVE-2024-3651), glibc-2.34-60.el9 (CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, CVE-2024-33600, CVE-2025-0395, CVE-2025-4802, CVE-2025-5702, CVE-2025-8058), python3-rpm-4.16.1.3-22.el9 (CVE-2021-35937, CVE-2021-35938, CVE-2021-35939), wget-1.21.1-7.el9 (CVE-2024-38428), perl-File-Find-1.37-480.el9 (CVE-2023-47038, CVE-2025-40909), libcurl-devel-7.76.1-23.el9_2.1 (CVE-2023-27536, CVE-2023-27538, CVE-2023-28321, CVE-2023-46218, CVE-2024-2398), perl-overloading-0.02-480.el9 (CVE-2023-47038, CVE-2025-40909), gcc-plugin-annobin-11.3.1-4.3.el9 (CVE-2020-11023), python3-urllib3-1.26.5-3.el9 (CVE-2023-43804, CVE-2023-45803, CVE-2024-37891), libX11-common-1.7.0-7.el9 (CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787), mod_lua-2.4.53-11.el9_2.5 (CVE-2023-27522, CVE-2023-31122, CVE-2023-38709, CVE-2024-38473, CVE-2024-39573, CVE-2024-47252, CVE-2025-23048, CVE-2025-49812), perl-interpreter-4:5.32.1-480.el9 (CVE-2023-47038, CVE-2025-40909), openssl-libs-1:3.0.7-6.el9_2 (CVE-2023-0466, CVE-2023-2650, CVE-2023-5363, CVE-2024-6119, CVE-2025-9230), systemd-rpm-macros-252-13.el9_2 (CVE-2023-7008), libtasn1-4.16.0-8.el9_1 (CVE-2024-12133), libX11-xcb-1.7.0-7.el9 (CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787), bsdtar-3.5.3-4.el9 (CVE-2025-25724), openssh-8.7p1-29.el9_2 (CVE-2023-48795, CVE-2023-51385, CVE-2024-6409, CVE-2025-26465), libnghttp2-1.43.0-5.el9 (CVE-2024-28182), libtiff-4.4.0-7.el9 (CVE-2017-17095, CVE-2022-40090, CVE-2022-48281, CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, CVE-2023-26965, CVE-2023-26966, CVE-2023-2731, CVE-2023-3316, CVE-2023-3576, CVE-2023-3618, CVE-2023-40745, CVE-2023-41175, CVE-2023-52355, CVE-2023-52356, CVE-2024-7006), python3-requests-2.25.1-6.el9 (CVE-2023-32681, CVE-2024-35195, CVE-2024-47081), dmidecode-1:3.3-7.el9 (CVE-2023-30630), perl-IO-1.43-480.el9 (CVE-2023-47038, CVE-2025-40909), libxml2-2.9.13-3.el9_1 (CVE-2022-49043, CVE-2023-28484, CVE-2023-29469, CVE-2023-39615, CVE-2024-25062, CVE-2025-32414, CVE-2025-32415, CVE-2025-6021), libX11-1.7.0-7.el9 (CVE-2023-3138, CVE-2023-43785, CVE-2023-43786, CVE-2023-43787)",
						"name": "clair_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 631
				}
			},
			{
				"msg": "Found packages with unpatched medium vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: git-2.39.3-1.el9_2 (CVE-2025-48386), tar-2:1.34-6.el9_1 (CVE-2025-45582), go-srpm-macros-3.2.0-1.el9 (CVE-2024-8244), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2025-29768, CVE-2025-9390), libpq-devel-13.5-1.el9 (CVE-2025-4207), mod_ldap-2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), mod_session-2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), openssh-clients-8.7p1-29.el9_2 (CVE-2023-51767, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985), libxml2-devel-2.9.13-3.el9_1 (CVE-2025-9714), tpm2-tss-3.0.3-8.el9 (CVE-2024-29040), mod_ssl-1:2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), rsync-3.2.3-19.el9 (CVE-2024-12086, CVE-2025-10158), libxslt-1.1.34-9.el9 (CVE-2023-40403, CVE-2025-10911), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2025-29768, CVE-2025-9390), gdb-headless-10.2-10.el9 (CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-5245), git-core-doc-2.39.3-1.el9_2 (CVE-2025-48386), perl-Git-2.39.3-1.el9_2 (CVE-2025-48386), python3-libs-3.9.16-1.el9 (CVE-2025-4516, CVE-2025-6069, CVE-2025-8291), systemd-libs-252-13.el9_2 (CVE-2025-4598), lz4-libs-1.9.3-5.el9 (CVE-2025-62813), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2025-10966, CVE-2025-9086), libtiff-devel-4.4.0-7.el9 (CVE-2017-17973, CVE-2023-25433, CVE-2023-25434, CVE-2023-25435, CVE-2023-3164, CVE-2023-6277, CVE-2025-8851), python3-3.9.16-1.el9 (CVE-2025-4516, CVE-2025-6069, CVE-2025-8291), curl-minimal-7.76.1-23.el9 (CVE-2025-10966, CVE-2025-9086), httpd-core-2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), httpd-2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), httpd-filesystem-2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), npm-1:8.19.3-1.16.19.1.1.el9_2 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-52099, CVE-2025-7458), systemd-pam-252-13.el9_2 (CVE-2025-4598), binutils-gold-2.35.2-37.el9 (CVE-2021-20197, CVE-2021-45078, CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-5245, CVE-2025-7545, CVE-2025-7546), sqlite-3.34.1-6.el9_1 (CVE-2025-52099), sqlite-libs-3.34.1-6.el9_1 (CVE-2025-52099), nodejs-docs-1:16.19.1-1.el9_2 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-52099, CVE-2025-7458), libpq-13.5-1.el9 (CVE-2025-4207), python3-pip-wheel-21.2.3-6.el9 (CVE-2023-45803, CVE-2025-50181, CVE-2025-50182), qt5-srpm-macros-5.15.3-1.el9 (CVE-2021-38593, CVE-2023-24607, CVE-2025-5683), httpd-tools-2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), gdb-gdbserver-10.2-10.el9 (CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-5245), libX11-devel-1.7.0-7.el9 (CVE-2021-31535, CVE-2022-3554), git-core-2.39.3-1.el9_2 (CVE-2025-48386), python3-pip-21.2.3-6.el9 (CVE-2023-45803, CVE-2025-50181, CVE-2025-50182), libarchive-3.5.3-4.el9 (CVE-2023-30571, CVE-2025-60753), httpd-devel-2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), nodejs-1:16.19.1-1.el9_2 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-52099, CVE-2025-7458), coreutils-single-8.32-34.el9 (CVE-2025-5278), binutils-2.35.2-37.el9 (CVE-2021-20197, CVE-2021-45078, CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-5245, CVE-2025-7545, CVE-2025-7546), systemd-252-13.el9_2 (CVE-2025-4598), nodejs-full-i18n-1:16.19.1-1.el9_2 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-52099, CVE-2025-7458), sqlite-devel-3.34.1-6.el9_1 (CVE-2025-52099), nodejs-libs-1:16.19.1-1.el9_2 (CVE-2021-27290, CVE-2021-3807, CVE-2022-25883, CVE-2023-38552, CVE-2023-46809, CVE-2024-24806, CVE-2025-29087, CVE-2025-52099, CVE-2025-7458), gdb-10.2-10.el9 (CVE-2025-11081, CVE-2025-11082, CVE-2025-11083, CVE-2025-5245), libxslt-devel-1.1.34-9.el9 (CVE-2023-40403, CVE-2025-10911), python3-devel-3.9.16-1.el9 (CVE-2025-4516, CVE-2025-6069, CVE-2025-8291), wget-1.21.1-7.el9 (CVE-2021-31879, CVE-2024-10524), libcurl-devel-7.76.1-23.el9_2.1 (CVE-2025-10966, CVE-2025-9086), libX11-common-1.7.0-7.el9 (CVE-2021-31535, CVE-2022-3554), mod_lua-2.4.53-11.el9_2.5 (CVE-2024-42516, CVE-2024-43204, CVE-2025-53020), systemd-rpm-macros-252-13.el9_2 (CVE-2025-4598), libX11-xcb-1.7.0-7.el9 (CVE-2021-31535, CVE-2022-3554), bsdtar-3.5.3-4.el9 (CVE-2023-30571, CVE-2025-60753), openssh-8.7p1-29.el9_2 (CVE-2023-51767, CVE-2025-32728, CVE-2025-61984, CVE-2025-61985), libtiff-4.4.0-7.el9 (CVE-2017-17973, CVE-2023-25433, CVE-2023-25434, CVE-2023-25435, CVE-2023-3164, CVE-2023-6277, CVE-2025-8851), libxml2-2.9.13-3.el9_1 (CVE-2025-9714), libX11-1.7.0-7.el9 (CVE-2021-31535, CVE-2022-3554)",
						"name": "clair_unpatched_medium_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 190
				}
			},
			{
				"msg": "Found packages with low/negligible vulnerabilities associated with RHSA fixes. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: git-2.39.3-1.el9_2 (CVE-2024-32020, CVE-2024-32021, CVE-2024-50349, CVE-2024-52006, CVE-2025-46835), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2021-3903, CVE-2023-4752), libpq-devel-13.5-1.el9 (CVE-2022-41862), glibc-minimal-langpack-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), krb5-devel-1.20.1-8.el9 (CVE-2024-26458, CVE-2024-26461), mod_ldap-2.4.53-11.el9_2.5 (CVE-2024-24795), ncurses-base-6.2-8.20210508.el9 (CVE-2022-29458), file-libs-5.39-12.el9 (CVE-2022-48554), mod_session-2.4.53-11.el9_2.5 (CVE-2024-24795), mod_ssl-1:2.4.53-11.el9_2.5 (CVE-2024-24795), glibc-locale-source-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), glibc-devel-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), glibc-langpack-en-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2021-3903, CVE-2023-4752), file-5.39-12.el9 (CVE-2022-48554), glibc-gconv-extra-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), gdb-headless-10.2-10.el9 (CVE-2021-3826), mod_http2-1.15.19-4.el9_2.4 (CVE-2024-36387), procps-ng-3.3.17-11.el9 (CVE-2023-4016), git-core-doc-2.39.3-1.el9_2 (CVE-2024-32020, CVE-2024-32021, CVE-2024-50349, CVE-2024-52006, CVE-2025-46835), perl-Git-2.39.3-1.el9_2 (CVE-2024-32020, CVE-2024-32021, CVE-2024-50349, CVE-2024-52006, CVE-2025-46835), python3-libs-3.9.16-1.el9 (CVE-2024-0397, CVE-2024-4032, CVE-2024-7592), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), libtiff-devel-4.4.0-7.el9 (CVE-2023-6228), glibc-headers-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), python3-3.9.16-1.el9 (CVE-2024-0397, CVE-2024-4032, CVE-2024-7592), libkadm5-1.20.1-8.el9 (CVE-2024-26458, CVE-2024-26461), curl-minimal-7.76.1-23.el9 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), krb5-libs-1.20.1-8.el9 (CVE-2024-26458, CVE-2024-26461), httpd-core-2.4.53-11.el9_2.5 (CVE-2024-24795), httpd-2.4.53-11.el9_2.5 (CVE-2024-24795), ncurses-6.2-8.20210508.el9 (CVE-2022-29458), httpd-filesystem-2.4.53-11.el9_2.5 (CVE-2024-24795), npm-1:8.19.3-1.16.19.1.1.el9_2 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2023-39333, CVE-2023-45143, CVE-2024-22018, CVE-2024-25629, CVE-2024-36137, CVE-2025-23165), nodejs-docs-1:16.19.1-1.el9_2 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2023-39333, CVE-2023-45143, CVE-2024-22018, CVE-2024-25629, CVE-2024-36137, CVE-2025-23165), libpq-13.5-1.el9 (CVE-2022-41862), libcap-2.48-8.el9 (CVE-2023-2602), shadow-utils-2:4.9-6.el9 (CVE-2023-4641, CVE-2024-56433), qt5-srpm-macros-5.15.3-1.el9 (CVE-2023-32573), httpd-tools-2.4.53-11.el9_2.5 (CVE-2024-24795), gdb-gdbserver-10.2-10.el9 (CVE-2021-3826), git-core-2.39.3-1.el9_2 (CVE-2024-32020, CVE-2024-32021, CVE-2024-50349, CVE-2024-52006, CVE-2025-46835), ncurses-libs-6.2-8.20210508.el9 (CVE-2022-29458), httpd-devel-2.4.53-11.el9_2.5 (CVE-2024-24795), nodejs-1:16.19.1-1.el9_2 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2023-39333, CVE-2023-45143, CVE-2024-22018, CVE-2024-25629, CVE-2024-36137, CVE-2025-23165), glibc-common-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), glib2-devel-2.68.4-6.el9 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32665), openssl-devel-1:3.0.7-6.el9_2 (CVE-2023-0464, CVE-2023-0465, CVE-2023-1255, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535), openssl-1:3.0.7-6.el9_2 (CVE-2023-0464, CVE-2023-0465, CVE-2023-1255, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535), nodejs-full-i18n-1:16.19.1-1.el9_2 (CVE-2023-23920, CVE-2023-24807, CVE-2023-31124, CVE-2023-39333, CVE-2023-45143, CVE-2024-22018, CVE-2024-25629, CVE-2024-36137, CVE-2025-23165), glib2-2.68.4-6.el9 (CVE-2023-29499, CVE-2023-32611, CVE-2023-32665), nodejs-libs-1:16.19.1-1.el9_2 (CVE-2023-31124, CVE-2024-25629, CVE-2025-23165), gdb-10.2-10.el9 (CVE-2021-3826), python3-devel-3.9.16-1.el9 (CVE-2024-0397, CVE-2024-4032, CVE-2024-7592), glibc-2.34-60.el9 (CVE-2024-33601, CVE-2024-33602), libcurl-devel-7.76.1-23.el9_2.1 (CVE-2023-27533, CVE-2023-27534, CVE-2023-28322, CVE-2023-38546), mod_lua-2.4.53-11.el9_2.5 (CVE-2024-24795), openssl-libs-1:3.0.7-6.el9_2 (CVE-2023-0464, CVE-2023-0465, CVE-2023-1255, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535), libtiff-4.4.0-7.el9 (CVE-2023-6228)",
						"name": "clair_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 181
				}
			},
			{
				"msg": "Found packages with unpatched low/negligible vulnerabilities. These vulnerabilities don't have a known fix at this time.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: tar-2:1.34-6.el9_1 (CVE-2023-39804), elfutils-default-yama-scope-0.188-3.el9 (CVE-2024-25260, CVE-2025-1371, CVE-2025-1376, CVE-2025-1377), vim-minimal-2:8.2.2637-20.el9_1 (CVE-2021-3927, CVE-2021-3928, CVE-2021-3968, CVE-2021-3973, CVE-2021-3974, CVE-2021-4136, CVE-2021-4166, CVE-2021-4173, CVE-2021-4187, CVE-2022-0213, CVE-2022-0351, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1674, CVE-2022-1720, CVE-2022-1725, CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2257, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3256, CVE-2022-3278, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352, CVE-2022-3705, CVE-2022-4141, CVE-2022-4292, CVE-2022-4293, CVE-2023-0049, CVE-2023-0051, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433, CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264, CVE-2023-2609, CVE-2023-2610, CVE-2023-46246, CVE-2023-4734, CVE-2023-4735, CVE-2023-4738, CVE-2023-4751, CVE-2023-4781, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535, CVE-2024-22667, CVE-2024-41957, CVE-2024-41965, CVE-2024-43374, CVE-2024-43802, CVE-2024-45306, CVE-2024-47814, CVE-2025-1215, CVE-2025-22134, CVE-2025-24014, CVE-2025-26603), libstdc++-devel-11.3.1-4.3.el9 (CVE-2022-27943), gcc-c++-11.3.1-4.3.el9 (CVE-2022-27943), gcc-gfortran-11.3.1-4.3.el9 (CVE-2022-27943), gcc-11.3.1-4.3.el9 (CVE-2022-27943), elfutils-libelf-0.188-3.el9 (CVE-2024-25260, CVE-2025-1371, CVE-2025-1376, CVE-2025-1377), pcre2-devel-10.40-2.el9 (CVE-2022-41409), ncurses-base-6.2-8.20210508.el9 (CVE-2023-50495), unzip-6.0-56.el9 (CVE-2021-4217, CVE-2022-0529, CVE-2022-0530), libstdc++-11.3.1-4.3.el9 (CVE-2022-27943), libgfortran-11.3.1-4.3.el9 (CVE-2022-27943), libxml2-devel-2.9.13-3.el9_1 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170), libxslt-1.1.34-9.el9 (CVE-2025-11731), vim-filesystem-2:8.2.2637-20.el9_1 (CVE-2021-3927, CVE-2021-3928, CVE-2021-3968, CVE-2021-3973, CVE-2021-3974, CVE-2021-4136, CVE-2021-4166, CVE-2021-4173, CVE-2021-4187, CVE-2022-0213, CVE-2022-0351, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1674, CVE-2022-1720, CVE-2022-1725, CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2257, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3037, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3256, CVE-2022-3278, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352, CVE-2022-3705, CVE-2022-4141, CVE-2022-4292, CVE-2022-4293, CVE-2023-0049, CVE-2023-0051, CVE-2023-0054, CVE-2023-0288, CVE-2023-0433, CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264, CVE-2023-2609, CVE-2023-2610, CVE-2023-46246, CVE-2023-4734, CVE-2023-4735, CVE-2023-4738, CVE-2023-4751, CVE-2023-4781, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535, CVE-2024-22667, CVE-2024-41957, CVE-2024-41965, CVE-2024-43374, CVE-2024-43802, CVE-2024-45306, CVE-2024-47814, CVE-2025-1215, CVE-2025-22134, CVE-2025-24014, CVE-2025-26603), gdb-headless-10.2-10.el9 (CVE-2022-47007, CVE-2022-47010, CVE-2022-47011, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198), python3-libs-3.9.16-1.el9 (CVE-2025-1795, CVE-2025-6075), pcre2-utf32-10.40-2.el9 (CVE-2022-41409), libquadmath-11.3.1-4.3.el9 (CVE-2022-27943), elfutils-debuginfod-client-0.188-3.el9 (CVE-2024-25260, CVE-2025-1371, CVE-2025-1376, CVE-2025-1377), libcurl-minimal-7.76.1-23.el9_2.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), libtiff-devel-4.4.0-7.el9 (CVE-2017-16232, CVE-2022-1056, CVE-2023-1916, CVE-2024-13978, CVE-2025-8961, CVE-2025-9165), python3-3.9.16-1.el9 (CVE-2025-1795, CVE-2025-6075), curl-minimal-7.76.1-23.el9 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), libpkgconf-1.7.3-10.el9 (CVE-2023-24056), ncurses-6.2-8.20210508.el9 (CVE-2023-50495), npm-1:8.19.3-1.16.19.1.1.el9_2 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889), libquadmath-devel-11.3.1-4.3.el9 (CVE-2022-27943), binutils-gold-2.35.2-37.el9 (CVE-2021-3826, CVE-2022-38533, CVE-2022-44840, CVE-2022-47007, CVE-2022-47008, CVE-2022-47010, CVE-2022-47011, CVE-2023-1972, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198), sqlite-3.34.1-6.el9_1 (CVE-2024-0232), sqlite-libs-3.34.1-6.el9_1 (CVE-2024-0232), nodejs-docs-1:16.19.1-1.el9_2 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889), python3-pip-wheel-21.2.3-6.el9 (CVE-2021-3572), pkgconf-1.7.3-10.el9 (CVE-2023-24056), libgcc-11.3.1-4.3.el9 (CVE-2022-27943), qt5-srpm-macros-5.15.3-1.el9 (CVE-2025-23050), libpng-2:1.6.37-12.el9 (CVE-2022-3857), gdb-gdbserver-10.2-10.el9 (CVE-2022-47007, CVE-2022-47010, CVE-2022-47011, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198), gawk-5.1.0-6.el9 (CVE-2023-4156), pcre2-syntax-10.40-2.el9 (CVE-2022-41409), gnupg2-2.3.3-2.el9_0 (CVE-2022-3219, CVE-2025-30258), libX11-devel-1.7.0-7.el9 (CVE-2022-3555), python3-pip-21.2.3-6.el9 (CVE-2021-3572), ncurses-libs-6.2-8.20210508.el9 (CVE-2023-50495), libarchive-3.5.3-4.el9 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), cmake-data-3.20.2-8.el9 (CVE-2025-9301), emacs-filesystem-1:27.2-8.el9_2.1 (CVE-2017-1000383), nodejs-1:16.19.1-1.el9_2 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889), libgomp-11.3.1-4.3.el9 (CVE-2022-27943), patch-2.7.6-16.el9 (CVE-2021-45261), cpp-11.3.1-4.3.el9 (CVE-2022-27943), binutils-2.35.2-37.el9 (CVE-2021-3826, CVE-2022-38533, CVE-2022-44840, CVE-2022-47007, CVE-2022-47008, CVE-2022-47010, CVE-2022-47011, CVE-2023-1972, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198), glib2-devel-2.68.4-6.el9 (CVE-2023-32636, CVE-2025-3360), openssl-devel-1:3.0.7-6.el9_2 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232), openssl-1:3.0.7-6.el9_2 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232), nodejs-full-i18n-1:16.19.1-1.el9_2 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889), pkgconf-pkg-config-1.7.3-10.el9 (CVE-2023-24056), cmake-rpm-macros-3.20.2-8.el9 (CVE-2025-9301), glib2-2.68.4-6.el9 (CVE-2023-32636, CVE-2025-3360), sqlite-devel-3.34.1-6.el9_1 (CVE-2024-0232), pcre2-10.40-2.el9 (CVE-2022-41409), libpng-devel-2:1.6.37-12.el9 (CVE-2022-3857), nodejs-libs-1:16.19.1-1.el9_2 (CVE-2023-39333, CVE-2023-45143, CVE-2024-21538, CVE-2025-47279, CVE-2025-5889), gdb-10.2-10.el9 (CVE-2022-47007, CVE-2022-47010, CVE-2022-47011, CVE-2024-57360, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-1150, CVE-2025-1151, CVE-2025-1152, CVE-2025-1153, CVE-2025-11839, CVE-2025-11840, CVE-2025-3198), libxslt-devel-1.1.34-9.el9 (CVE-2025-11731), cmake-3.20.2-8.el9 (CVE-2025-9301), python3-devel-3.9.16-1.el9 (CVE-2025-1795, CVE-2025-6075), pkgconf-m4-1.7.3-10.el9 (CVE-2023-24056), libcurl-devel-7.76.1-23.el9_2.1 (CVE-2024-11053, CVE-2024-7264, CVE-2024-9681), gcc-plugin-annobin-11.3.1-4.3.el9 (CVE-2022-27943), libX11-common-1.7.0-7.el9 (CVE-2022-3555), cmake-filesystem-3.20.2-8.el9 (CVE-2025-9301), openssl-libs-1:3.0.7-6.el9_2 (CVE-2024-13176, CVE-2024-41996, CVE-2025-9232), libX11-xcb-1.7.0-7.el9 (CVE-2022-3555), bsdtar-3.5.3-4.el9 (CVE-2025-1632, CVE-2025-5915, CVE-2025-5916, CVE-2025-5917, CVE-2025-5918), libtiff-4.4.0-7.el9 (CVE-2017-16232, CVE-2022-1056, CVE-2023-1916, CVE-2024-13978, CVE-2025-8961, CVE-2025-9165), pcre2-utf16-10.40-2.el9 (CVE-2022-41409), elfutils-libs-0.188-3.el9 (CVE-2024-25260, CVE-2025-1371, CVE-2025-1376, CVE-2025-1377), libxml2-2.9.13-3.el9_1 (CVE-2023-45322, CVE-2024-34459, CVE-2025-27113, CVE-2025-6170), libX11-1.7.0-7.el9 (CVE-2022-3555)",
						"name": "clair_unpatched_low_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 454
				}
			},
			{
				"msg": "Found packages with unknown vulnerabilities. Consider updating to a newer version of those packages, they may no longer be affected by the reported CVEs.",
				"metadata": {
					"details": {
						"description": "Vulnerabilities found: libwebp-1.2.0-6.el9_1 (CVE-2023-5129), libwebp-devel-1.2.0-6.el9_1 (CVE-2023-5129)",
						"name": "clair_unknown_vulnerabilities",
						"url": "https://access.redhat.com/articles/red_hat_vulnerability_tutorial"
					},
					"vulnerabilities_number": 2
				}
			}
		]
	}
]
{"vulnerabilities":{"critical":0,"high":220,"medium":631,"low":181,"unknown":2},"unpatched_vulnerabilities":{"critical":0,"high":2,"medium":190,"low":454,"unknown":0}}
{"image": {"pullspec": "quay.io/redhat-appstudio-qe/group-pdxf/python-component-xmbreh:on-pr-04aab54d1f96eccf7571836d3d7dbd465745879d", "digests": ["sha256:b8ccc2736cd26a33a92a6fbf28bddf9c0bea396f188776a42acfe5e657dc5726"]}}
{"result":"SUCCESS","timestamp":"2026-02-16T06:18:44+00:00","note":"Task clair-scan completed: Refer to Tekton task result SCAN_OUTPUT for vulnerabilities scanned by Clair.","namespace":"default","successes":0,"failures":0,"warnings":0}