Sbom
If present, return the associated SBOM for this package.
GET /api/v1/package/4331/sbom/?format=api
{
"next_scan": "2025-04-07T21:48:33.726485Z",
"created": "2025-03-31T20:33:33.362131Z",
"package": 4331,
"scanned": "2025-03-31T21:48:30.430663Z",
"vulnerabilities": [
{
"id": "CVE-2025-1632",
"package": "libarchive",
"score": "4.8",
"severity": "medium",
"suppressed": null,
"published": "2025-02-24T14:15:11.590000Z",
"modified": "2025-03-25T15:41:41.683000Z",
"commentary": null
},
{
"id": "OSV-2025-74",
"package": "libxml2",
"score": null,
"severity": "high",
"suppressed": null,
"published": "2025-01-29T00:13:55.386256Z",
"modified": "2025-01-29T00:13:55.386629Z",
"commentary": null
},
{
"id": "CVE-2024-57970",
"package": "libarchive",
"score": "4.0",
"severity": "medium",
"suppressed": null,
"published": "2025-02-16T04:15:21.843000Z",
"modified": "2025-02-18T17:15:19.130000Z",
"commentary": null
},
{
"id": "CVE-2024-53427",
"package": "jq",
"score": "8.1",
"severity": "high",
"suppressed": null,
"published": "2025-02-26T16:15:16.237000Z",
"modified": "2025-03-28T17:15:27.420000Z",
"commentary": null
},
{
"id": "BIT-grafana-2024-11741",
"package": "grafana",
"score": null,
"severity": null,
"suppressed": null,
"published": null,
"modified": null,
"commentary": null
},
{
"id": "BIT-grafana-2024-10452",
"package": "grafana",
"score": null,
"severity": null,
"suppressed": null,
"published": null,
"modified": null,
"commentary": null
},
{
"id": "CVE-2024-10041",
"package": "linux-pam",
"score": "4.7",
"severity": "medium",
"suppressed": null,
"published": "2024-10-23T14:15:03.970000Z",
"modified": "2024-12-18T10:15:05.850000Z",
"commentary": null
},
{
"id": "OSV-2024-1312",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-11-15T00:16:08.928897Z",
"modified": "2025-03-05T14:20:12.622041Z",
"commentary": null
},
{
"id": "OSV-2024-1209",
"package": "libxml2",
"score": null,
"severity": "high",
"suppressed": null,
"published": "2024-10-11T00:15:43.610812Z",
"modified": "2025-03-18T00:30:11.577855Z",
"commentary": null
},
{
"id": "OSV-2024-919",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-08-16T00:09:34.461792Z",
"modified": "2025-03-06T14:20:56.754046Z",
"commentary": null
},
{
"id": "OSV-2024-831",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-08-16T00:03:12.871175Z",
"modified": "2025-03-07T14:24:40.166702Z",
"commentary": null
},
{
"id": "OSV-2024-817",
"package": "libpcap",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-08-16T00:02:39.185747Z",
"modified": "2025-01-08T14:19:40.985698Z",
"commentary": null
},
{
"id": "OSV-2024-440",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-05-07T00:06:11.033336Z",
"modified": "2024-05-07T00:06:11.033868Z",
"commentary": null
},
{
"id": "OSV-2024-396",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-05-01T00:11:24.552935Z",
"modified": "2024-05-01T00:11:24.553294Z",
"commentary": null
},
{
"id": "OSV-2024-395",
"package": "libpcap",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-05-01T00:04:54.392345Z",
"modified": "2024-08-31T14:18:45.876646Z",
"commentary": null
},
{
"id": "OSV-2024-371",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-04-30T00:08:27.982063Z",
"modified": "2024-04-30T00:08:27.982392Z",
"commentary": null
},
{
"id": "OSV-2024-330",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-04-30T00:00:31.577722Z",
"modified": "2024-05-27T14:01:02.168724Z",
"commentary": null
},
{
"id": "BIT-sqlite-2024-0232",
"package": "sqlite",
"score": null,
"severity": null,
"suppressed": null,
"published": null,
"modified": null,
"commentary": null
},
{
"id": "GHSA-72fg-jqhx-c68p",
"package": "st",
"score": "6.1",
"severity": "medium",
"suppressed": "Exception: false positive; the `st` package does not run on controllers",
"published": "2018-08-06T21:33:31Z",
"modified": null,
"commentary": null
},
{
"id": "CVE-2023-7216",
"package": "cpio",
"score": "5.3",
"severity": "medium",
"suppressed": null,
"published": "2024-02-05T15:15:08.903000Z",
"modified": "2024-11-21T08:45:32.120000Z",
"commentary": null
},
{
"id": "OSV-2023-1398",
"package": "file",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-11-01T00:02:38.719507Z",
"modified": "2024-11-01T00:02:38.719949Z",
"commentary": null
},
{
"id": "OSV-2023-1344",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2023-12-22T00:11:40.065456Z",
"modified": "2025-03-05T14:16:07.938645Z",
"commentary": null
},
{
"id": "OSV-2023-1329",
"package": "jq",
"score": null,
"severity": "high",
"suppressed": null,
"published": "2023-12-18T00:13:42.545765Z",
"modified": "2025-02-17T14:14:20.492923Z",
"commentary": null
},
{
"id": "OSV-2023-1307",
"package": "libbpf",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2023-12-15T00:12:51.528155Z",
"modified": "2024-10-30T14:11:39.821385Z",
"commentary": null
},
{
"id": "OSV-2023-877",
"package": "libbpf",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2023-09-18T14:02:44.989260Z",
"modified": "2024-10-30T14:14:33.915213Z",
"commentary": null
},
{
"id": "OSV-2023-505",
"package": "file",
"score": null,
"severity": "high",
"suppressed": null,
"published": "2023-06-22T14:02:20.855256Z",
"modified": "2023-08-01T14:06:27.325503Z",
"commentary": null
},
{
"id": "OSV-2023-197",
"package": "p11-kit",
"score": null,
"severity": null,
"suppressed": null,
"published": "2023-03-18T13:00:57.254906Z",
"modified": "2024-07-04T14:16:04.301147Z",
"commentary": null
},
{
"id": "MAL-2022-4301",
"package": "libidn2",
"score": null,
"severity": null,
"suppressed": "Exception: this result is a false positive; the indicated package is an npm package and not the generic Linux library.",
"published": null,
"modified": null,
"commentary": null
},
{
"id": "CVE-2022-3219",
"package": "gnupg",
"score": "3.3",
"severity": "low",
"suppressed": null,
"published": "2023-02-23T20:15:12.393000Z",
"modified": "2025-03-12T21:15:38.207000Z",
"commentary": null
},
{
"id": "GHSA-rjvj-673q-4hfw",
"package": "traceroute",
"score": null,
"severity": "critical",
"suppressed": "Exception: this result is a false positive; the indicated vulnerability only applies to the npm package, not the generic Linux utility.",
"published": "2020-09-04T17:54:31Z",
"modified": null,
"commentary": null
},
{
"id": "GHSA-8rc5-mr4f-m243",
"package": "rio",
"score": "9.8",
"severity": "critical",
"suppressed": "Exception: false positive: the `rio` rate is not used on Controllers",
"published": "2021-08-25T20:46:57Z",
"modified": null,
"commentary": null
},
{
"id": "OSV-2021-777",
"package": "libxml2",
"score": null,
"severity": "high",
"suppressed": null,
"published": "2021-05-20T00:00:30.166614Z",
"modified": "2025-04-04T14:08:35.471242Z",
"commentary": null
},
{
"id": "RUSTSEC-2020-0021",
"package": "rio",
"score": null,
"severity": null,
"suppressed": "Exception: false positive: the `rio` crate is unused on Controllers",
"published": null,
"modified": null,
"commentary": null
},
{
"id": "CVE-2019-20633",
"package": "patch",
"score": "5.5",
"severity": "medium",
"suppressed": null,
"published": "2020-03-25T17:15:14.013000Z",
"modified": "2024-11-21T04:38:55.590000Z",
"commentary": null
},
{
"id": "CVE-2019-6470",
"package": "bind",
"score": "7.5",
"severity": "high",
"suppressed": "Exception: Controller DHCP functionality is provided via systemd-networkd and so are not subject to vulnerabilities in dhcpcd.",
"published": "2019-11-01T23:15:10Z",
"modified": "2024-11-21T04:46:30.710000Z",
"commentary": null
},
{
"id": "RUSTSEC-2019-0006",
"package": "ncurses",
"score": null,
"severity": null,
"suppressed": "Exception: false positive; controllers do not rely on the `ncurses` crate as a dependency",
"published": null,
"modified": null,
"commentary": null
},
{
"id": "CVE-2016-2781",
"package": "coreutils",
"score": "6.5",
"severity": "medium",
"suppressed": null,
"published": "2017-02-07T15:59:00.333000Z",
"modified": "2024-11-21T02:48:47.593000Z",
"commentary": null
},
{
"id": "CVE-2013-4577",
"package": "grub",
"score": "2.1",
"severity": null,
"suppressed": "Exception: false positive; this is a Debian-specific vulnerability applicable only to Debian-based systems.",
"published": "2014-05-12T14:55:05Z",
"modified": "2024-11-21T01:55:51.900000Z",
"commentary": null
},
{
"id": "CVE-2010-4226",
"package": "cpio",
"score": "5.0",
"severity": null,
"suppressed": "Exception: false positive; this vulnerability only applies to systems that use RPM packaging, which Controllers do not.",
"published": "2014-02-06T17:00:03Z",
"modified": "2024-11-21T01:20:29.333000Z",
"commentary": null
}
],
"id": 122,
"has_cdx": true,
"has_spdx": true,
"scanning": false,
"queued": false
}