Key | Value |
---|---|
Timestamp | 2023-09-06T12:49:53+00:00 |
Signature | unsigned |
Tool | Vendor: aquasecurity Name: trivy Version: 0.45.0 |
Component | bom-ref: 63d1f6b4-abd7-4a33-aaaa-8a9d3eb1c6f8 Type: application Name: . Properties: |

pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. N...
Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to exec...
A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby in...
A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EA...
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum P...
In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar ut...
The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to...
In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result...
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, whi...
Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential d...
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource con...
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of inval...
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2...
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLan...
Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.inp...

# | Description | Score | Score Progress |
---|---|---|---|
1 | provided sbom is in a supported sbom format of spdx,cyclonedx | 10.0 | |
2 | provided sbom should be in supported spec version for spec:1.5 and versions: 1.0,1.1,1.2,1.3,1.4,1.5,1.6 | 10.0 | |
3 | provided sbom should be in supported file format for spec: json and version: json,xml | 10.0 | |
4 | provided sbom is parsable | 10.0 | |

# | Description | Score | Score Progress |
---|---|---|---|
1 | 0/1210 have supplier names | 0.0 | |
2 | 1210/1210 have names | 10.0 | |
3 | 1073/1210 have versions | 8.9 | |
4 | 1210/1210 have unique ID's | 10.0 | |
5 | doc has 136 dependencies | 10.0 | |
6 | doc has 1 authors | 10.0 | |
7 | doc has creation timestamp 2023-09-06T12:49:53+00:00 | 10.0 | |

# | Description | Score | Score Progress |
---|---|---|---|
1 | Doc Fields:true Pkg Fields:true | 10.0 | |
2 | 923/1210 have licenses | 7.6 | |
3 | 0/1210 have checksums | 0.0 | |

# | Description | Score | Score Progress |
---|---|---|---|
1 | 191/1210 components with valid license | 1.5 | |
2 | 1210/1210 components have primary purpose specified | 10.0 | |
3 | 1/1210 components have deprecated licenses | 10.0 | |
4 | 0/1210 components have restricted licenses | 10.0 | |
5 | 1073/1210 components have any lookup id | 8.9 | |
6 | 0/1210 components have multiple lookup id | 0.0 | |
7 | 1/1 tools have creator and version | 10.0 | |
8 | primary component found | 10.0 | |

# | Description | Score | Score Progress |
---|---|---|---|
1 | doc has a sharable license free 0 :: of 0 | 0.0 | |