{ "reportRequest": { "imageDigest": "sha256:7dbe0c9a5d4f1c8184007e9d94dbe55928f8a2db5ab9c1c2d4a2f7bbcdfe1234", "findings": [ { "id": "library:pkg/openssl@1.1.1w", "severity": "Unknown", "source": "NVD", "tags": [ "trust:vendor", "reachability:unknown", "unknown-age-days:5" ] }, { "id": "library:pkg/zlib@1.3.1", "severity": "High", "source": "NVD", "tags": [ "state:unknown", "reachability:runtime", "unknown-since:2025-10-10T00:00:00Z", "observed-at:2025-10-19T12:00:00Z" ] } ], "baseline": [ { "findingId": "library:pkg/openssl@1.1.1w", "status": "Pass", "score": 0, "configVersion": "1.0", "inputs": { "severityWeight": 25, "trustWeight": 1, "reachabilityWeight": 0.45, "baseScore": 11.25 }, "quiet": false }, { "findingId": "library:pkg/zlib@1.3.1", "status": "Pass", "score": 0, "configVersion": "1.0", "inputs": { "severityWeight": 75, "trustWeight": 1, "reachabilityWeight": 0.45, "baseScore": 33.75 }, "quiet": false } ] }, "reportResponse": { "report": { "reportId": "report-9f8cde21aab54321", "imageDigest": "sha256:7dbe0c9a5d4f1c8184007e9d94dbe55928f8a2db5ab9c1c2d4a2f7bbcdfe1234", "generatedAt": "2025-10-23T15:32:22Z", "verdict": "blocked", "policy": { "revisionId": "rev-42", "digest": "8a0f72f8dc5c51c46991db3bba34e9b3c0c8e944a7a6d0a9c29a9aa6b8439876" }, "summary": { "total": 2, "blocked": 1, "warned": 1, "ignored": 0, "quieted": 0 }, "verdicts": [ { "findingId": "library:pkg/openssl@1.1.1w", "status": "Blocked", "ruleName": "Block vendor unknowns", "ruleAction": "block", "notes": "Unknown vendor telemetry — medium confidence band.", "score": 19.5, "configVersion": "1.0", "inputs": { "severityWeight": 50, "trustWeight": 0.65, "reachabilityWeight": 0.6, "baseScore": 19.5, "trustWeight.vendor": 0.65, "reachability.unknown": 0.6, "unknownConfidence": 0.55, "unknownAgeDays": 5 }, "quietedBy": null, "quiet": false, "unknownConfidence": 0.55, "confidenceBand": "medium", "unknownAgeDays": 5, "sourceTrust": "vendor", "reachability": "unknown" }, { "findingId": "library:pkg/zlib@1.3.1", "status": "Warned", "ruleName": "Runtime mitigation required", "ruleAction": "warn", "notes": "Runtime reachable unknown — mitigation window required.", "score": 18.75, "configVersion": "1.0", "inputs": { "severityWeight": 75, "trustWeight": 1, "reachabilityWeight": 0.45, "baseScore": 33.75, "reachability.runtime": 0.45, "warnPenalty": 15, "unknownConfidence": 0.35, "unknownAgeDays": 13 }, "quietedBy": null, "quiet": false, "unknownConfidence": 0.35, "confidenceBand": "medium", "unknownAgeDays": 13, "sourceTrust": "NVD", "reachability": "runtime" } ], "issues": [] }, "dsse": { "payloadType": "application/vnd.stellaops.report+json", "payload": "eyJyZXBvcnQiOnsicmVwb3J0SWQiOiJyZXBvcnQtOWY4Y2RlMjFhYWI1NDMyMSJ9fQ==", "signatures": [ { "keyId": "scanner-report-signing", "algorithm": "hs256", "signature": "MEQCIGHscnJ2bm9wYXlsb2FkZXIAIjANBgkqhkiG9w0BAQsFAAOCAQEASmFja3Nvbk1ldGE=" } ] } } }