Success: false Result: FAILURE Violations: 173, Warnings: 0, Successes: 130 Component: tsf-comp-ekdbd ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Results: ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2015-20107" vulnerability of high security level Term: CVE-2015-20107 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2015-20107" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2018-25032" vulnerability of high security level Term: CVE-2018-25032 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2018-25032" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2018-3258" vulnerability of high security level Term: CVE-2018-3258 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2018-3258" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2019-10086" vulnerability of high security level Term: CVE-2019-10086 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2019-10086" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2019-12086" vulnerability of high security level Term: CVE-2019-12086 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2019-12086" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-10735" vulnerability of high security level Term: CVE-2020-10735 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-10735" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-10968" vulnerability of high security level Term: CVE-2020-10968 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-10968" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-10969" vulnerability of high security level Term: CVE-2020-10969 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-10969" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-11619" vulnerability of high security level Term: CVE-2020-11619 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-11619" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-14061" vulnerability of high security level Term: CVE-2020-14061 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-14061" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-14062" vulnerability of high security level Term: CVE-2020-14062 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-14062" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-14195" vulnerability of high security level Term: CVE-2020-14195 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-14195" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-14334" vulnerability of high security level Term: CVE-2020-14334 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-14334" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-14380" vulnerability of high security level Term: CVE-2020-14380 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-14380" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-17049" vulnerability of high security level Term: CVE-2020-17049 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-17049" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-7238" vulnerability of high security level Term: CVE-2020-7238 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-7238" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-7943" vulnerability of high security level Term: CVE-2020-7943 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-7943" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-8184" vulnerability of high security level Term: CVE-2020-8184 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-8184" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-8185" vulnerability of high security level Term: CVE-2020-8185 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-8185" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-8840" vulnerability of high security level Term: CVE-2020-8840 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-8840" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-9546" vulnerability of high security level Term: CVE-2020-9546 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-9546" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-9547" vulnerability of high security level Term: CVE-2020-9547 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-9547" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2020-9548" vulnerability of high security level Term: CVE-2020-9548 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2020-9548" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-28861" vulnerability of high security level Term: CVE-2021-28861 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-28861" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-33503" vulnerability of high security level Term: CVE-2021-33503 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-33503" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-33928" vulnerability of high security level Term: CVE-2021-33928 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-33928" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-33929" vulnerability of high security level Term: CVE-2021-33929 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-33929" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-33930" vulnerability of high security level Term: CVE-2021-33930 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-33930" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-33938" vulnerability of high security level Term: CVE-2021-33938 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-33938" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-44964" vulnerability of high security level Term: CVE-2021-44964 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-44964" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-46828" vulnerability of high security level Term: CVE-2021-46828 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-46828" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2021-46877" vulnerability of high security level Term: CVE-2021-46877 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2021-46877" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-0413" vulnerability of high security level Term: CVE-2022-0413 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-0413" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-0554" vulnerability of high security level Term: CVE-2022-0554 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-0554" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-0943" vulnerability of high security level Term: CVE-2022-0943 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-0943" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1154" vulnerability of high security level Term: CVE-2022-1154 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1154" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1271" vulnerability of high security level Term: CVE-2022-1271 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1271" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1473" vulnerability of high security level Term: CVE-2022-1473 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1473" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1586" vulnerability of high security level Term: CVE-2022-1586 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1586" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1587" vulnerability of high security level Term: CVE-2022-1587 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1587" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1621" vulnerability of high security level Term: CVE-2022-1621 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1621" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1629" vulnerability of high security level Term: CVE-2022-1629 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1629" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1785" vulnerability of high security level Term: CVE-2022-1785 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1785" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1897" vulnerability of high security level Term: CVE-2022-1897 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1897" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-1927" vulnerability of high security level Term: CVE-2022-1927 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-1927" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-22576" vulnerability of high security level Term: CVE-2022-22576 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-22576" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-2509" vulnerability of high security level Term: CVE-2022-2509 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-2509" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-27775" vulnerability of high security level Term: CVE-2022-27775 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-27775" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-27782" vulnerability of high security level Term: CVE-2022-27782 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-27782" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-29824" vulnerability of high security level Term: CVE-2022-29824 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-29824" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-2996" vulnerability of high security level Term: CVE-2022-2996 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-2996" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-32207" vulnerability of critical security level Term: CVE-2022-32207 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-32207" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-3358" vulnerability of high security level Term: CVE-2022-3358 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-3358" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-3515" vulnerability of high security level Term: CVE-2022-3515 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-3515" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-3602" vulnerability of high security level Term: CVE-2022-3602 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-3602" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-37434" vulnerability of high security level Term: CVE-2022-37434 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-37434" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-3786" vulnerability of high security level Term: CVE-2022-3786 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-3786" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-40303" vulnerability of high security level Term: CVE-2022-40303 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-40303" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-40304" vulnerability of high security level Term: CVE-2022-40304 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-40304" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-40897" vulnerability of high security level Term: CVE-2022-40897 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-40897" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-42898" vulnerability of high security level Term: CVE-2022-42898 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-42898" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-42919" vulnerability of high security level Term: CVE-2022-42919 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-42919" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-4450" vulnerability of high security level Term: CVE-2022-4450 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-4450" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-45061" vulnerability of high security level Term: CVE-2022-45061 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-45061" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-47024" vulnerability of high security level Term: CVE-2022-47024 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-47024" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2022-47629" vulnerability of high security level Term: CVE-2022-47629 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2022-47629" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-0215" vulnerability of high security level Term: CVE-2023-0215 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-0215" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-0216" vulnerability of high security level Term: CVE-2023-0216 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-0216" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-0217" vulnerability of high security level Term: CVE-2023-0217 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-0217" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-0286" vulnerability of high security level Term: CVE-2023-0286 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-0286" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-0361" vulnerability of high security level Term: CVE-2023-0361 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-0361" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-0401" vulnerability of high security level Term: CVE-2023-0401 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-0401" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-24329" vulnerability of high security level Term: CVE-2023-24329 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-24329" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-2603" vulnerability of high security level Term: CVE-2023-2603 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-2603" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-29491" vulnerability of high security level Term: CVE-2023-29491 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-29491" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-2953" vulnerability of high security level Term: CVE-2023-2953 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-2953" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-38545" vulnerability of high security level Term: CVE-2023-38545 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-38545" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-3899" vulnerability of high security level Term: CVE-2023-3899 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-3899" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-39975" vulnerability of high security level Term: CVE-2023-39975 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-39975" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-40217" vulnerability of high security level Term: CVE-2023-40217 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-40217" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-44487" vulnerability of high security level Term: CVE-2023-44487 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-44487" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-4752" vulnerability of high security level Term: CVE-2023-4752 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-4752" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-4911" vulnerability of high security level Term: CVE-2023-4911 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-4911" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-52425" vulnerability of high security level Term: CVE-2023-52425 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-52425" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-5363" vulnerability of high security level Term: CVE-2023-5363 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-5363" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-6597" vulnerability of high security level Term: CVE-2023-6597 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-6597" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2023-7104" vulnerability of high security level Term: CVE-2023-7104 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2023-7104" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-0553" vulnerability of high security level Term: CVE-2024-0553 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-0553" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-0567" vulnerability of high security level Term: CVE-2024-0567 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-0567" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-10963" vulnerability of high security level Term: CVE-2024-10963 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-10963" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-12718" vulnerability of high security level Term: CVE-2024-12718 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-12718" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-12797" vulnerability of high security level Term: CVE-2024-12797 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-12797" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-2398" vulnerability of high security level Term: CVE-2024-2398 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-2398" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-25062" vulnerability of high security level Term: CVE-2024-25062 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-25062" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-26462" vulnerability of high security level Term: CVE-2024-26462 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-26462" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-28757" vulnerability of high security level Term: CVE-2024-28757 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-28757" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-2961" vulnerability of high security level Term: CVE-2024-2961 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-2961" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-33599" vulnerability of high security level Term: CVE-2024-33599 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-33599" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-3596" vulnerability of critical security level Term: CVE-2024-3596 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-3596" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-37370" vulnerability of high security level Term: CVE-2024-37370 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-37370" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-40896" vulnerability of critical security level Term: CVE-2024-40896 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-40896" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-45490" vulnerability of high security level Term: CVE-2024-45490 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-45490" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-45491" vulnerability of high security level Term: CVE-2024-45491 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-45491" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-52533" vulnerability of high security level Term: CVE-2024-52533 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-52533" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-56171" vulnerability of high security level Term: CVE-2024-56171 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-56171" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-6232" vulnerability of high security level Term: CVE-2024-6232 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-6232" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-6345" vulnerability of high security level Term: CVE-2024-6345 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-6345" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2024-8176" vulnerability of high security level Term: CVE-2024-8176 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2024-8176" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-12084" vulnerability of high security level Term: CVE-2025-12084 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-12084" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-13601" vulnerability of high security level Term: CVE-2025-13601 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-13601" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-14550" vulnerability of high security level Term: CVE-2025-14550 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-14550" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-14821" vulnerability of high security level Term: CVE-2025-14821 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-14821" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-15079" vulnerability of high security level Term: CVE-2025-15079 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-15079" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-15366" vulnerability of high security level Term: CVE-2025-15366 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-15366" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-15367" vulnerability of high security level Term: CVE-2025-15367 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-15367" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-15467" vulnerability of critical security level Term: CVE-2025-15467 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-15467" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-24928" vulnerability of high security level Term: CVE-2025-24928 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-24928" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-31115" vulnerability of high security level Term: CVE-2025-31115 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-31115" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-32415" vulnerability of high security level Term: CVE-2025-32415 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-32415" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-3277" vulnerability of high security level Term: CVE-2025-3277 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-3277" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-4138" vulnerability of high security level Term: CVE-2025-4138 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-4138" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-4330" vulnerability of high security level Term: CVE-2025-4330 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-4330" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-4435" vulnerability of high security level Term: CVE-2025-4435 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-4435" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-4517" vulnerability of high security level Term: CVE-2025-4517 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-4517" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-47273" vulnerability of high security level Term: CVE-2025-47273 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-47273" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-4802" vulnerability of high security level Term: CVE-2025-4802 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-4802" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-49794" vulnerability of critical security level Term: CVE-2025-49794 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-49794" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-49795" vulnerability of high security level Term: CVE-2025-49795 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-49795" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-49796" vulnerability of critical security level Term: CVE-2025-49796 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-49796" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-5318" vulnerability of high security level Term: CVE-2025-5318 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-5318" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-5914" vulnerability of high security level Term: CVE-2025-5914 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-5914" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-5987" vulnerability of high security level Term: CVE-2025-5987 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-5987" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-6020" vulnerability of high security level Term: CVE-2025-6020 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-6020" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-6021" vulnerability of high security level Term: CVE-2025-6021 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-6021" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-6176" vulnerability of high security level Term: CVE-2025-6176 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-6176" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-66418" vulnerability of high security level Term: CVE-2025-66418 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-66418" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-66471" vulnerability of high security level Term: CVE-2025-66471 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-66471" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-68121" vulnerability of high security level Term: CVE-2025-68121 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-68121" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-68973" vulnerability of high security level Term: CVE-2025-68973 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-68973" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-69419" vulnerability of high security level Term: CVE-2025-69419 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-69419" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-6965" vulnerability of high security level Term: CVE-2025-6965 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-6965" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-69720" vulnerability of high security level Term: CVE-2025-69720 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-69720" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-7424" vulnerability of high security level Term: CVE-2025-7424 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-7424" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-7425" vulnerability of high security level Term: CVE-2025-7425 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-7425" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-8194" vulnerability of high security level Term: CVE-2025-8194 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-8194" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2025-8941" vulnerability of high security level Term: CVE-2025-8941 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2025-8941" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-0861" vulnerability of high security level Term: CVE-2026-0861 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-0861" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-0980" vulnerability of high security level Term: CVE-2026-0980 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-0980" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1207" vulnerability of high security level Term: CVE-2026-1207 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1207" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1285" vulnerability of high security level Term: CVE-2026-1285 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1285" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1287" vulnerability of high security level Term: CVE-2026-1287 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1287" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1299" vulnerability of high security level Term: CVE-2026-1299 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1299" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1312" vulnerability of high security level Term: CVE-2026-1312 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1312" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1530" vulnerability of high security level Term: CVE-2026-1530 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1530" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1531" vulnerability of high security level Term: CVE-2026-1531 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1531" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1584" vulnerability of high security level Term: CVE-2026-1584 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1584" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-1961" vulnerability of high security level Term: CVE-2026-1961 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-1961" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-21441" vulnerability of high security level Term: CVE-2026-21441 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-21441" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-24882" vulnerability of high security level Term: CVE-2026-24882 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-24882" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-25749" vulnerability of high security level Term: CVE-2026-25749 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-25749" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-27135" vulnerability of high security level Term: CVE-2026-27135 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-27135" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-29111" vulnerability of high security level Term: CVE-2026-29111 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-29111" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-33412" vulnerability of high security level Term: CVE-2026-33412 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-33412" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-33845" vulnerability of high security level Term: CVE-2026-33845 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-33845" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-33846" vulnerability of high security level Term: CVE-2026-33846 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-33846" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-34982" vulnerability of high security level Term: CVE-2026-34982 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-34982" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-4111" vulnerability of high security level Term: CVE-2026-4111 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-4111" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-41989" vulnerability of high security level Term: CVE-2026-41989 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-41989" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-4424" vulnerability of high security level Term: CVE-2026-4424 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-4424" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-4519" vulnerability of high security level Term: CVE-2026-4519 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-4519" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-4786" vulnerability of high security level Term: CVE-2026-4786 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-4786" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-5121" vulnerability of high security level Term: CVE-2026-5121 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-5121" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. ✕ [Violation] cve.cve_blockers ImageRef: quay.io/rhtap_qe/default-tenant/tsf-comp-ekdbd@sha256:7bb382298554aa4868977dcf017902409f3600eef2415c2f68ec342f74c19787 Reason: Found "CVE-2026-6100" vulnerability of high security level Term: CVE-2026-6100 Title: Blocking CVE check Description: The SLSA Provenance attestation for the image is inspected to ensure CVEs that have a known fix and meet a certain security level have not been detected. If detected, this policy rule will fail. By default, only CVEs of critical and high security level cause a failure. This is configurable by the rule data key `restrict_cve_security_levels`. The available levels are critical, high, medium, low, and unknown. In addition to that leeway can be granted per severity using the `cve_leeway` rule data key containing days of allowed leeway, measured as time between found vulnerability's public disclosure date and current effective time, per severity level. To exclude this rule add "cve.cve_blockers:CVE-2026-6100" to the `exclude` section of the policy configuration. Solution: Make sure to address any CVE's related to the image. For more information about policy issues, see the policy documentation: https://conforma.dev/docs/policy/