This template is **ONLY** used for reporting bugs. New feature request or pipeline enhancement issues should use the other template options for issue submission. ## Current Behavior <!--- What happens instead of the expected behavior? --> The VAT team discovered that duplicate cves were being pushed to the VAT because of duplicates existing in the anchore _security.csv. We discovered that the duplicates were returned by Anchore, due to the `fix` field being sorted differently for the same cve/package/package_path. ## Live Example <!--- Provide a link to a live example(s) of the bug --> https://repo1.dso.mil/dsop/atlassian/confluence-data-center/confluence-node/-/jobs/1838883 ## Expected Behavior <!--- What should happen instead? --> Duplicate cve objects should not be pushed to the VAT. ## Possible Solution <!--- Not required, but suggest a fix/reason for the bug --> To resolve this, we're sorting the `fix` list and checking that the cve object isn't already in the cves list before adding it. Relevant Pipeline Run: https://repo1.dso.mil/dsop/atlassian/confluence-data-center/confluence-node/-/pipelines/158307 Relevant MR: https://repo1.dso.mil/ironbank-tools/ironbank-pipeline/-/merge_requests/399