Adds note to Clair docs about multiple reporting (#634)

Co-authored-by: Steven Smith <stevsmit@stevsmit.remote.csb>
quay · Apr 6, 2023 · 4705e00 · 4705e00
1 parent 7caec0d
commit 4705e00
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/modules/clair-testing.adoc b/modules/clair-testing.adoc
@@ -47,4 +47,9 @@ image:clair-reposcan.png[Security scan information appears for scanned repositor
 . Click the image report, for example, *45 medium*, to show a more detailed report:
 +
 .Report details
-image:clair-vulnerabilities.png[See all vulnerabilities or only those that are fixable]
+image:clair-vulnerabilities.png[See all vulnerabilities or only those that are fixable]
++
+[NOTE]
+====
+In some cases, Clair shows duplicate reports on images, for example, `ubi8/nodejs-12` or `ubi8/nodejs-16`. This occurs because vulnerabilities with same name are for different packages. This behavior is expected with Clair vulnerability reporting and will not be addressed as a bug.
+====