running acs-image-check Step: acs-image-check Results: /workspace/source/source/results/acs-image-check Custom root CA variable is not set. Make sure CA trust is established Using rox central endpoint central-rhacs-operator.apps.rosa.rhtap-services.xmdt.p3.openshiftapps.com:443 Download roxctl cli roxctl image check ERROR: checking image failed: failed policies found: 1 policies violated that are failing the check Note: Violations are reported for informational purposes only and do not cause the task to fail. Running acs-image-check:report ACS_IMAGE_CHECK_EYECATCHER_BEGIN { "results": [ { "metadata": { "id": "quay.io/rhtap_qe/e2e-tests-go-wtnuioea:ea250daaef259642f039f0294903f2eb82407cb2@sha256:526abcb8adc7d7283e77bcf765477f4f18efcfb60697598927bf2e6428058523", "additionalInfo": { "name": "quay.io/rhtap_qe/e2e-tests-go-wtnuioea:ea250daaef259642f039f0294903f2eb82407cb2@sha256:526abcb8adc7d7283e77bcf765477f4f18efcfb60697598927bf2e6428058523", "type": "image" } }, "summary": { "CRITICAL": 0, "HIGH": 1, "LOW": 1, "MEDIUM": 0, "TOTAL": 2 }, "violatedPolicies": [ { "name": "Fixable Severity at least Important", "severity": "HIGH", "description": "Alert on deployments with fixable vulnerabilities with a Severity Rating at least Important", "violation": [ "Fixable CVE-2026-32281 (CVSS 7.5) (severity Important) found in component 'stdlib' (version 1.25.7), resolved by version 1.25.9", "Fixable CVE-2026-32283 (CVSS 7.5) (severity Important) found in component 'stdlib' (version 1.25.7), resolved by version 1.25.9" ], "remediation": "Use your package manager to update to a fixed version in future builds or speak with your security team to mitigate the vulnerabilities.", "failingCheck": true }, { "name": "Docker CIS 4.1: Ensure That a User for the Container Has Been Created", "severity": "LOW", "description": "Containers should run as a non-root user", "violation": [ "Image has user 'root'" ], "remediation": "Ensure that the Dockerfile for each container switches from the root user", "failingCheck": false } ] } ], "summary": { "CRITICAL": 0, "HIGH": 1, "LOW": 1, "MEDIUM": 0, "TOTAL": 2 } } ACS_IMAGE_CHECK_EYECATCHER_END running acs-image-scan Step: acs-image-scan Results: /workspace/source/source/results/acs-image-scan Custom root CA variable is not set. Make sure CA trust is established Running acs-image-scan:rox-image-scan Using rox central endpoint central-rhacs-operator.apps.rosa.rhtap-services.xmdt.p3.openshiftapps.com:443 Download roxctl cli roxctl image scan {"vulnerabilities":{"critical":0,"high":4,"medium":8,"low":8}} {"result":"SUCCESS","timestamp":"1777551350","note":"Task completed: Refer to Tekton task result SCAN_OUTPUT for found vulnerabilities.","namespace":"default","successes":"0","failures":"0","warnings":"0"} Running acs-image-scan:report ACS_IMAGE_SCAN_EYECATCHER_BEGIN { "result": { "summary": { "CRITICAL": 0, "IMPORTANT": 4, "LOW": 8, "MODERATE": 8, "TOTAL-COMPONENTS": 11, "TOTAL-VULNERABILITIES": 20 }, "vulnerabilities": [ { "cveId": "CVE-2026-4046", "cveSeverity": "IMPORTANT", "cveCVSS": 5.3, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4046", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4437", "cveSeverity": "MODERATE", "cveCVSS": 6.5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4437", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5435", "cveSeverity": "MODERATE", "cveCVSS": 5.9, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5435", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5450", "cveSeverity": "MODERATE", "cveCVSS": 5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5450", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5928", "cveSeverity": "MODERATE", "cveCVSS": 5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5928", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4438", "cveSeverity": "LOW", "cveCVSS": 4, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4438", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4046", "cveSeverity": "IMPORTANT", "cveCVSS": 5.3, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4046", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-common", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4437", "cveSeverity": "MODERATE", "cveCVSS": 6.5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4437", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-common", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5435", "cveSeverity": "MODERATE", "cveCVSS": 5.9, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5435", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-common", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5450", "cveSeverity": "MODERATE", "cveCVSS": 5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5450", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-common", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5928", "cveSeverity": "MODERATE", "cveCVSS": 5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5928", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-common", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4438", "cveSeverity": "LOW", "cveCVSS": 4, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4438", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-common", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4046", "cveSeverity": "IMPORTANT", "cveCVSS": 5.3, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4046", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-minimal-langpack", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4437", "cveSeverity": "MODERATE", "cveCVSS": 6.5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4437", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-minimal-langpack", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5435", "cveSeverity": "MODERATE", "cveCVSS": 5.9, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5435", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-minimal-langpack", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5450", "cveSeverity": "MODERATE", "cveCVSS": 5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5450", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-minimal-langpack", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-5928", "cveSeverity": "MODERATE", "cveCVSS": 5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-5928", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-minimal-langpack", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4438", "cveSeverity": "LOW", "cveCVSS": 4, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4438", "advisoryId": "", "advisoryInfo": "", "componentName": "glibc-minimal-langpack", "componentVersion": "2.34-231.el9_7.10", "componentFixedVersion": "" }, { "cveId": "CVE-2026-4878", "cveSeverity": "IMPORTANT", "cveCVSS": 6.7, "cveInfo": "https://access.redhat.com/security/cve/CVE-2026-4878", "advisoryId": "", "advisoryInfo": "", "componentName": "libcap", "componentVersion": "2.48-10.el9", "componentFixedVersion": "" }, { "cveId": "CVE-2026-32283", "cveSeverity": "IMPORTANT", "cveCVSS": 7.5, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.9" }, { "cveId": "CVE-2026-32281", "cveSeverity": "IMPORTANT", "cveCVSS": 7.5, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.9" }, { "cveId": "CVE-2026-32282", "cveSeverity": "MODERATE", "cveCVSS": 6.4, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.9" }, { "cveId": "CVE-2026-32289", "cveSeverity": "MODERATE", "cveCVSS": 6.1, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.9" }, { "cveId": "CVE-2026-32288", "cveSeverity": "MODERATE", "cveCVSS": 5.5, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-2026-32288", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.9" }, { "cveId": "CVE-2026-27142", "cveSeverity": "LOW", "cveCVSS": 0, "cveInfo": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.8" }, { "cveId": "CVE-2026-25679", "cveSeverity": "LOW", "cveCVSS": 0, "cveInfo": "https://go.dev/cl/752180", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.8" }, { "cveId": "CVE-2026-27139", "cveSeverity": "LOW", "cveCVSS": 0, "cveInfo": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.8" }, { "cveId": "CVE-2026-32280", "cveSeverity": "LOW", "cveCVSS": 0, "cveInfo": "https://go.dev/cl/758320", "advisoryId": "", "advisoryInfo": "", "componentName": "stdlib", "componentVersion": "1.25.7", "componentFixedVersion": "1.25.9" }, { "cveId": "CVE-2025-5278", "cveSeverity": "MODERATE", "cveCVSS": 4.4, "cveInfo": "https://access.redhat.com/security/cve/CVE-2025-5278", "advisoryId": "", "advisoryInfo": "", "componentName": "coreutils-single", "componentVersion": "8.32-39.el9", "componentFixedVersion": "" }, { "cveId": "CVE-2022-27943", "cveSeverity": "LOW", "cveCVSS": 5.5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2022-27943", "advisoryId": "", "advisoryInfo": "", "componentName": "libgcc", "componentVersion": "11.5.0-11.el9", "componentFixedVersion": "" }, { "cveId": "CVE-2023-50495", "cveSeverity": "LOW", "cveCVSS": 6.5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2023-50495", "advisoryId": "", "advisoryInfo": "", "componentName": "ncurses-base", "componentVersion": "6.2-12.20210508.el9", "componentFixedVersion": "" }, { "cveId": "CVE-2023-50495", "cveSeverity": "LOW", "cveCVSS": 6.5, "cveInfo": "https://access.redhat.com/security/cve/CVE-2023-50495", "advisoryId": "", "advisoryInfo": "", "componentName": "ncurses-libs", "componentVersion": "6.2-12.20210508.el9", "componentFixedVersion": "" }, { "cveId": "CVE-2022-41409", "cveSeverity": "LOW", "cveCVSS": 5.3, "cveInfo": "https://access.redhat.com/security/cve/CVE-2022-41409", "advisoryId": "", "advisoryInfo": "", "componentName": "pcre2", "componentVersion": "10.40-6.el9", "componentFixedVersion": "" }, { "cveId": "CVE-2022-41409", "cveSeverity": "LOW", "cveCVSS": 5.3, "cveInfo": "https://access.redhat.com/security/cve/CVE-2022-41409", "advisoryId": "", "advisoryInfo": "", "componentName": "pcre2-syntax", "componentVersion": "10.40-6.el9", "componentFixedVersion": "" } ] } } ACS_IMAGE_SCAN_EYECATCHER_END