| Key | Value |
|---|---|
| Timestamp | 2023-09-06T12:49:53+00:00 |
| Signature | unsigned |
| Tool |
Vendor: aquasecurity Name: trivy Version: 0.45.0 |
| Component |
bom-ref: 63d1f6b4-abd7-4a33-aaaa-8a9d3eb1c6f8 Type: application Name: . Properties:
|
In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar ut...
A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EA...
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit config...
Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComple...
OpenSearch is an open source distributed and RESTful search engine. OpenSearch uses JWTs to store ro...
In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the...
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read du...
In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result...
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLan...
When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK ...
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless...
There exists an vulnerability causing an abort() to be called in gRPC. The following headers cause ...
The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to...
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitra...
Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the serv...
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | provided sbom is in a supported sbom format of spdx,cyclonedx | 10.0 |
|
| 2 | provided sbom should be in supported spec version for spec:1.5 and versions: 1.0,1.1,1.2,1.3,1.4,1.5 | 10.0 |
|
| 3 | provided sbom should be in supported file format for spec: json and version: json,xml | 10.0 |
|
| 4 | provided sbom is parsable | 10.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | 0/1210 have supplier names | 0.0 |
|
| 2 | 1210/1210 have names | 10.0 |
|
| 3 | 1073/1210 have versions | 8.9 |
|
| 4 | 1210/1210 have unique ID's | 10.0 |
|
| 5 | doc has 3988 relationships | 10.0 |
|
| 6 | doc has 1 authors | 10.0 |
|
| 7 | doc has creation timestamp 2023-09-06T12:49:53+00:00 | 10.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | Doc Fields:true Pkg Fields:true | 10.0 |
|
| 2 | 923/1210 have licenses | 7.6 |
|
| 3 | 0/1210 have checksums | 0.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | 743/1210 components with valid license | 6.1 |
|
| 2 | 1210/1210 components have primary purpose specified | 10.0 |
|
| 3 | 0/1210 components have deprecated licenses | 10.0 |
|
| 4 | 8/1210 components have restricted licenses | 9.9 |
|
| 5 | 1073/1210 components have any lookup id | 8.9 |
|
| 6 | 0/1210 components have multiple lookup id | 0.0 |
|
| 7 | 1/1 tools have creator and version | 10.0 |
|
| 8 | primary component found | 10.0 |
|
| # | Description | Score | Score Progress |
|---|---|---|---|
| 1 | doc has a sharable license free 0 :: of 0 | 0.0 |
|