Data for SBOM Document ID: 14fdf11a-8972-4210-a7da-3455e8ec4c03

Timestamp: 2023-09-06T09:17:14-04:00
Signature: unsigned
Tool:
  Vendor: anchore
  Name: grype
  Version: 0.66.0
Component:
  bom-ref: af63bd4c8601b7f1
  Type: file
  Name: .

Total Components: 977

0.00 / 10

Vulnerability Severity Distribution

Total Vulnerabilities: 2085
Critical: 572
High: 850
Medium: 554
Low: 109
None: 0

GHSA-h822-r4r5-v8jg
Severity: Critical

Polymorphic Typing issue in FasterXML jackson-databind...

GHSA-qxxx-2pp7-5hmx
Severity: Critical

jackson-databind is vulnerable to a deserialization flaw...

CVE-2018-7489
Severity: Critical

FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unaut...

CVE-2019-10211
Severity: Critical

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via b...

GHSA-cggj-fvv3-cqwv
Severity: Critical

FasterXML jackson-databind allows unauthenticated remote code execution ...

GHSA-cggj-fvv3-cqwv
Severity: Critical

FasterXML jackson-databind allows unauthenticated remote code execution ...

GHSA-85cw-hj65-qqv9
Severity: Critical

Polymorphic Typing issue in FasterXML jackson-databind...

GHSA-rfx6-vp9g-rh7v
Severity: Critical

jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist ...

CVE-2018-1115
Severity: Critical

postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_l...

GHSA-fmmc-742q-jg75
Severity: Critical

Polymorphic typing issue...

CVE-2019-17571
Severity: Critical

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted dat...

GHSA-gjmw-vf9h-g25v
Severity: Critical

Polymorphic typing issue...

GHSA-fmmc-742q-jg75
Severity: Critical

Polymorphic typing issue...

CVE-2012-4449
Severity: Critical

Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a...

CVE-2019-17571
Severity: Critical

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted dat...