AWS Inspector2/Enhanced Scanning Uses Image Tags to Detect OS



I am currently trialing Enhanced Scanning with our ECR repos. What I have identified is, it seems Inspector2 is inferring some information from tags, and using that to detect the OS.

For example, see this screenshot -> I have uploaded a container with base image of Oracle Linux 8, with the tag "latest5". ECR is taking the "5" as the OS version, and treating this container as Oracle Linux 5.

You can see in the screenshot also, the CVE's report, and the OS they affect are RHEL 5/6.

I am trying to understand if this is expected behavior or a bug in ECR?