{
  "repository": "https://github.com/metabase/metabase",
  "commit_source": "release_tag_resolution_and_runtime_container_image_tag",
  "commit_sha": "74032e5e0a5a70dc45a6a744d37b9ba24eee8d01",
  "submitted_target": {
    "target_kind": "container_image",
    "commit_sha": "770276bdddee78aed8ee0f75cdddd61a744664d4",
    "version": "v1.61.1",
    "ref": "metabase/metabase-enterprise:v1.61.1",
    "display": "Metabase Enterprise v1.61.1"
  },
  "variant_target": {
    "target_kind": "container_image",
    "commit_sha": "74032e5e0a5a70dc45a6a744d37b9ba24eee8d01",
    "version": "v1.61.2",
    "ref": "metabase/metabase-enterprise:v1.61.2",
    "display": "Metabase Enterprise v1.61.2"
  },
  "notes": "Exact tag commits were resolved with git rev-list -n 1 v1.61.1/v1.61.2 in the prepared Metabase repository and recorded in bundle/logs/vuln_variant/source_versions.txt. No distinct variant/bypass was confirmed, but identity is provided for the fixed target tested."
}
