Currently Clair needs to consume data from https://access.redhat.com/security/data/metrics/cvemap.xml in order to find advisories related to Red Hat Container Catalog c/images. VEX data will incorporate this cvemap data by default and we will be consuming this data anyway once we switch to ingesting Red Hat Security Data from OVAL to VEX.

Components that need updating:

• Remove from defaults/delete RHCC updater
• Update RHCC matcher to consider VEX data and not RHCC data