Container: step-report
{
  "results": [
    {
      "metadata": {
        "id": "quay.io/rhtap_qe/rhtap-qe-dotnet-basic:7ed276fb800b2f1523d3b46c6ca33455edaecefc@sha256:98eb3b2150d500528986c37fe97cf7e0bb0adf875db780e80ee143100403d71b",
        "additionalInfo": {
          "name": "quay.io/rhtap_qe/rhtap-qe-dotnet-basic:7ed276fb800b2f1523d3b46c6ca33455edaecefc@sha256:98eb3b2150d500528986c37fe97cf7e0bb0adf875db780e80ee143100403d71b",
          "type": "image"
        }
      },
      "summary": {
        "CRITICAL": 0,
        "HIGH": 1,
        "LOW": 1,
        "MEDIUM": 0,
        "TOTAL": 2
      },
      "violatedPolicies": [
        {
          "name": "Fixable Severity at least Important",
          "severity": "HIGH",
          "description": "Alert on deployments with fixable vulnerabilities with a Severity Rating at least Important",
          "violation": [
            "Fixable CVE-2024-21538 (CVSS 7.5) (severity Important) found in component 'cross-spawn' (version 7.0.3), resolved by version 7.0.5",
            "Fixable RHSA-2024:10379 (CVSS 7.4) (severity Important) found in component 'pam' (version 1.3.1-34.el8_10), resolved by version 0:1.3.1-36.el8_10",
            "Fixable RHSA-2025:0382 (CVSS 8.8) (severity Important) found in component 'dotnet-host' (version 9.0.0-1.el8_10), resolved by version 0:9.0.1-1.el8_10",
            "Fixable RHSA-2025:0382 (CVSS 8.8) (severity Important) found in component 'netstandard-targeting-pack-2.1' (version 9.0.100-1.el8_10), resolved by version 0:9.0.102-1.el8_10",
            "Fixable RHSA-2025:10027 (CVSS 7.8) (severity Important) found in component 'pam' (version 1.3.1-34.el8_10), resolved by version 0:1.3.1-37.el8_10",
            "Fixable RHSA-2025:10128 (CVSS 7.6) (severity Important) found in component 'platform-python' (version 3.6.8-67.el8_10), resolved by version 0:3.6.8-70.el8_10",
            "Fixable RHSA-2025:10128 (CVSS 7.6) (severity Important) found in component 'python3-libs' (version 3.6.8-67.el8_10), resolved by version 0:3.6.8-70.el8_10",
            "Fixable RHSA-2025:10698 (CVSS 9.1) (severity Important) found in component 'libxml2' (version 2.9.7-18.el8_10.1), resolved by version 0:2.9.7-21.el8_10.1",
            "Fixable RHSA-2025:12010 (CVSS 7.7) (severity Important) found in component 'sqlite-libs' (version 3.26.0-19.el8_9), resolved by version 0:3.26.0-20.el8_10",
            "Fixable RHSA-2025:12450 (CVSS 7.8) (severity Important) found in component 'libxml2' (version 2.9.7-18.el8_10.1), resolved by version 0:2.9.7-21.el8_10.2",
            "Fixable RHSA-2025:14135 (CVSS 7.3) (severity Important) found in component 'libarchive' (version 3.3.3-5.el8), resolved by version 0:3.3.3-6.el8_10",
            "Fixable RHSA-2025:14557 (CVSS 7.8) (severity Important) found in component 'pam' (version 1.3.1-34.el8_10), resolved by version 0:1.3.1-38.el8_10",
            "Fixable RHSA-2025:2667 (CVSS 7.8) (severity Important) found in component 'dotnet-host' (version 9.0.0-1.el8_10), resolved by version 0:9.0.3-1.el8_10",
            "Fixable RHSA-2025:2667 (CVSS 7.8) (severity Important) found in component 'netstandard-targeting-pack-2.1' (version 9.0.100-1.el8_10), resolved by version 0:9.0.104-1.el8_10",
            "Fixable RHSA-2025:2686 (CVSS 8.1) (severity Important) found in component 'libxml2' (version 2.9.7-18.el8_10.1), resolved by version 0:2.9.7-19.el8_10",
            "Fixable RHSA-2025:7571 (CVSS 8) (severity Important) found in component 'dotnet-host' (version 9.0.0-1.el8_10), resolved by version 0:9.0.5-1.el8_10",
            "Fixable RHSA-2025:7571 (CVSS 8) (severity Important) found in component 'netstandard-targeting-pack-2.1' (version 9.0.100-1.el8_10), resolved by version 0:9.0.106-1.el8_10",
            "Fixable RHSA-2025:8815 (CVSS 7.5) (severity Important) found in component 'dotnet-host' (version 9.0.0-1.el8_10), resolved by version 0:9.0.6-1.el8_10",
            "Fixable RHSA-2025:8815 (CVSS 7.5) (severity Important) found in component 'netstandard-targeting-pack-2.1' (version 9.0.100-1.el8_10), resolved by version 0:9.0.107-1.el8_10"
          ],
          "remediation": "Use your package manager to update to a fixed version in future builds or speak with your security team to mitigate the vulnerabilities.",
          "failingCheck": true
        },
        {
          "name": "Red Hat Package Manager in Image",
          "severity": "LOW",
          "description": "Alert on deployments with components of the Red Hat/Fedora/CentOS package management system.",
          "violation": [
            "Image includes component 'dnf' (version 4.7.0-20.el8)",
            "Image includes component 'rpm' (version 4.14.3-31.el8)",
            "Image includes component 'yum' (version 4.7.0-20.el8)"
          ],
          "remediation": "Run `rpm -e --nodeps $(rpm -qa '*rpm*' '*dnf*' '*libsolv*' '*hawkey*' 'yum*')` in the image build for production containers.",
          "failingCheck": false
        }
      ]
    }
  ],
  "summary": {
    "CRITICAL": 0,
    "HIGH": 1,
    "LOW": 1,
    "MEDIUM": 0,
    "TOTAL": 2
  }
}