gobiltd
gobiltd
**What happened**: SBOM generation is not analyzing all pom.xml files inside the jar. **What you expected to happen**: Syft should parse all pom.xml files inside jar and list in SBOM....
**What happened**: SBOM generated for python is missing few packages listed in the requirements.txt file **What you expected to happen**: SBOM should list all packages mentioned in the requirements.txt file...
**Describe the bug** As per NVD description , these [CVE-2009-2704](https://nvd.nist.gov/vuln/detail/CVE-2009-2704) and [CVE-2009-2705](https://nvd.nist.gov/vuln/detail/CVE-2009-2705) should be valid if we have combination of cpe:2.3:a:sun:j2ee:::::::: and cpe:2.3:a:broadcom:siteminder:::::::: in scanned project. However, the [CVE-2009-2704](https://nvd.nist.gov/vuln/detail/CVE-2009-2704) and...
### Package URl testj2ee.jar ### CPE cpe:2.3:a:sun:j2ee:*:*:*:*:*:*:*:* AND cpe:2.3:a:broadcom:siteminder:*:*:*:*:*:*:*:* ### CVE CVE-2009-2704, CVE-2009-2705 ### ODC Integration {"label"=>"CLI"} ### ODC Version 8.2.1 ### Description As per NVD , these CVE-2009-2704 and...