Bug
Resolution: Unresolved
Major
netobserv-1.10.0
NetObserv - Sprint 282
Description of problem:
Image "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b789d62036a3917cfe421b3f3119c6397dbb6c45fee82ca6d98002aa9b9223c7" contains shell variables, which prevents RHACS from scanning the image.
Steps to Reproduce:
The image contains shell variables in `/root/buildinfo/labels.json`:
{ "cpe": "cpe:/a:redhat:network_observ_optr:$BUILDVERSION_Y::el9", "version": "$BUILDVERSION"}
These variables should have been replaced during the image build process, we presume.
We checked what I believe is the latest tag for this image:
echo 'cat /root/buildinfo/labels.json' | podman run --user root -i --entrypoint 'bash' 'registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9:1.10.1'
{ "architecture": "x86_64", "vcs-type": "git", "vcs-ref": "f5f424f60129afbd2e8dcae11d7040f9fe57a640", "org.opencontainers.image.revision": "f5f424f60129afbd2e8dcae11d7040f9fe57a640", "build-date": "2025-12-02T13:52:38Z", "io.buildah.version": "1.41.4", "distribution-scope": "public", "url": "https://catalog.redhat.com/en/search?searchType", "vendor": "Red Hat, Inc.", "release": "1.10.1", "com.redhat.component": "network-observability-flowlogs-pipeline-container", "name": "network-observability/network-observability-flowlogs-pipeline-rhel9", "cpe": "cpe:/a:redhat:network_observ_optr:1.10::el9", "io.k8s.display-name": "Network Observability Flow-Logs Pipeline", "io.k8s.description": "Network Observability Flow-Logs Pipeline", "summary": "Network Observability Flow-Logs Pipeline", "maintainer": "support@redhat.com", "io.openshift.tags": "network-observability-flowlogs-pipeline", "description": "Flow-Logs Pipeline is an observability tool that consumes logs from various inputs, transforms them and exports logs to Loki and metrics to Prometheus.", "version": "1.10.1" }
And the CPEs are correctly formatted. ClairCore's RHCC detector rhel/rhcc/detector.go:164 reads this CPE and passes it to cpe.Unbind(), which rejects the $ character per CPE specification. This is a build defect in the `network-observability-flowlogs-pipeline-rhel9` image, not a Scanner V4 or ClairCore bug. Essentially, the image is not "scannable" as it is malformed.
Actual results:
RHACS is not able to scan the image due to shell variables inside the image
Expected results:
RHACS should be able to scan the image
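A build-time gate for the defect described in this report, as an added example that is not from the reporter or from the NetObserv or ClairCore projects: it flags unexpanded shell placeholders in a `labels.json` document and applies a simplified character check to the `cpe` URI. The function names, the regexes and the two sample documents are assumptions constructed from the label values quoted above.

```python
import json
import re

# Unexpanded shell placeholders such as $BUILDVERSION or ${BUILDVERSION_Y}.
SHELL_VAR = re.compile(r"\$\{?[A-Za-z_][A-Za-z0-9_]*\}?")
# Simplified check for one component of a "cpe:/" URI: unreserved characters
# or %xx escapes only (assumption: a real CPE parser may be stricter).
CPE_COMPONENT = re.compile(r"(?:[A-Za-z0-9._~-]|%[0-9A-Fa-f]{2})*")


def check_cpe_uri(cpe: str) -> list[str]:
    """Validate the 'cpe:/part:vendor:product:...' shape and its characters."""
    if not cpe.startswith("cpe:/"):
        return ["missing 'cpe:/' prefix"]
    components = cpe[len("cpe:/"):].split(":")
    problems = []
    if len(components) > 7:
        problems.append("more than 7 components")
    if components[0] not in ("a", "o", "h", ""):
        problems.append(f"invalid part {components[0]!r}")
    for index, comp in enumerate(components[1:], start=2):
        if not CPE_COMPONENT.fullmatch(comp):
            problems.append(f"component {index} has illegal characters: {comp!r}")
    return problems


def check_labels(raw: str) -> list[str]:
    """Return findings for a labels.json document; an empty list means clean."""
    findings = []
    labels = json.loads(raw)
    for key, value in labels.items():
        if not isinstance(value, str):
            continue
        for match in SHELL_VAR.finditer(value):
            findings.append(f"{key}: unexpanded variable {match.group(0)}")
    cpe = labels.get("cpe")
    if isinstance(cpe, str):
        findings.extend(f"cpe: {msg}" for msg in check_cpe_uri(cpe))
    return findings


# Constructed samples built from the two label sets quoted in the report.
BROKEN = '{"cpe": "cpe:/a:redhat:network_observ_optr:$BUILDVERSION_Y::el9", "version": "$BUILDVERSION"}'
FIXED = '{"cpe": "cpe:/a:redhat:network_observ_optr:1.10::el9", "version": "1.10.1"}'

if __name__ == "__main__":
    for name, doc in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, check_labels(doc) or "ok")
```

Run against the file extracted from a freshly built image, a non-empty result is a reason to fail the build before the image is pushed.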