Key | Value |
---|---|
Timestamp | 2023-09-06T12:49:53+00:00 |
Signature | unsigned |
Tool | Vendor: aquasecurity Name: trivy Version: 0.45.0 |
Component | bom-ref: 63d1f6b4-abd7-4a33-aaaa-8a9d3eb1c6f8 Type: application Name: . Properties: |

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. N...
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and async...
In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar ut...
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow...
A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EA...
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum P...
Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptib...
Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to exec...
A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby in...
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2...
snappy-java is a Java port of the snappy, a fast C++ compresser/decompresser developed by Google. Th...
The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to...
Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential d...
In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result...
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of inval...

# | Description | Score | Score Progress |
---|---|---|---|
1 | provided sbom is in a supported sbom format of spdx,cyclonedx | 10.0 | |
2 | provided sbom should be in supported spec version for spec:1.5 and versions: 1.0,1.1,1.2,1.3,1.4,1.5,1.6 | 10.0 | |
3 | provided sbom should be in supported file format for spec: json and version: json,xml | 10.0 | |
4 | provided sbom is parsable | 10.0 | |

# | Description | Score | Score Progress |
---|---|---|---|
1 | 0/1210 have supplier names | 0.0 | |
2 | 1210/1210 have names | 10.0 | |
3 | 1073/1210 have versions | 8.9 | |
4 | 1210/1210 have unique ID's | 10.0 | |
5 | doc has 136 dependencies | 10.0 | |
6 | doc has 1 authors | 10.0 | |
7 | doc has creation timestamp 2023-09-06T12:49:53+00:00 | 10.0 | |

# | Description | Score | Score Progress |
---|---|---|---|
1 | Doc Fields:true Pkg Fields:true | 10.0 | |
2 | 923/1210 have licenses | 7.6 | |
3 | 0/1210 have checksums | 0.0 | |

# | Description | Score | Score Progress |
---|---|---|---|
1 | 191/1210 components with valid license | 1.5 | |
2 | 1210/1210 components have primary purpose specified | 10.0 | |
3 | 1/1210 components have deprecated licenses | 10.0 | |
4 | 0/1210 components have restricted licenses | 10.0 | |
5 | 1073/1210 components have any lookup id | 8.9 | |
6 | 0/1210 components have multiple lookup id | 0.0 | |
7 | 1/1 tools have creator and version | 10.0 | |
8 | primary component found | 10.0 | |

# | Description | Score | Score Progress |
---|---|---|---|
1 | doc has a sharable license free 0 :: of 0 | 0.0 | |