Container: step-report
{
  "results": [
    {
      "metadata": {
        "id": "quay.io/rhtap_qe/rhtap-qe-java-springboot:5a30dc2a37a5ac8f7c924828d6d8c283709a825a@sha256:03c34601a5cd410326bb84f90c9ceec9be6df4b8f98dc5a2b2c8246a62589257",
        "additionalInfo": {
          "name": "quay.io/rhtap_qe/rhtap-qe-java-springboot:5a30dc2a37a5ac8f7c924828d6d8c283709a825a@sha256:03c34601a5cd410326bb84f90c9ceec9be6df4b8f98dc5a2b2c8246a62589257",
          "type": "image"
        }
      },
      "summary": {
        "CRITICAL": 0,
        "HIGH": 1,
        "LOW": 1,
        "MEDIUM": 0,
        "TOTAL": 2
      },
      "violatedPolicies": [
        {
          "name": "Fixable Severity at least Important",
          "severity": "HIGH",
          "description": "Alert on deployments with fixable vulnerabilities with a Severity Rating at least Important",
          "violation": [
            "Fixable RHSA-2025:15700 (CVSS 8) (severity Important) found in component 'cups-libs' (version 1:2.3.3op2-33.el9), resolved by version 1:2.3.3op2-33.el9_6.1"
          ],
          "remediation": "Use your package manager to update to a fixed version in future builds or speak with your security team to mitigate the vulnerabilities.",
          "failingCheck": true
        },
        {
          "name": "Red Hat Package Manager in Image",
          "severity": "LOW",
          "description": "Alert on deployments with components of the Red Hat/Fedora/CentOS package management system.",
          "violation": [
            "Image includes component 'microdnf' (version 3.9.1-3.el9)",
            "Image includes component 'rpm' (version 4.16.1.3-37.el9)"
          ],
          "remediation": "Run `rpm -e --nodeps $(rpm -qa '*rpm*' '*dnf*' '*libsolv*' '*hawkey*' 'yum*')` in the image build for production containers.",
          "failingCheck": false
        }
      ]
    }
  ],
  "summary": {
    "CRITICAL": 0,
    "HIGH": 1,
    "LOW": 1,
    "MEDIUM": 0,
    "TOTAL": 2
  }
}