bom icon indicating copy to clipboard operation
bom copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-sigs

Provide CPE as an external reference for detected packages

Open sbs2001 opened this issue 3 years ago • 0 comments

What would you like to be added:

Currently the external reference for a detected package is only the corresponding package's PURL. We should also provide the CPE for this package.

Why is this needed:

CPEs in some cases can be used for looking up vulnerabilities through NVD.

sbs2001 avatar Jul 17 '22 05:07 sbs2001