Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SBOM without CPE is not matched to the advisory #1074

Closed
dejanb opened this issue Dec 5, 2024 · 1 comment
Closed

SBOM without CPE is not matched to the advisory #1074

dejanb opened this issue Dec 5, 2024 · 1 comment

Comments

@dejanb
Copy link
Contributor

dejanb commented Dec 5, 2024

Reproduce:

When DS1/DS3 dataset is ingested, ubi9-minimal should be listed as related sbom for CVE-2023-44487
http://localhost:3000/vulnerabilities/CVE-2023-44487

Analysis:

The purl status query is expecting sbom_package_cpe_ref entry. But also, it's filtered as out of context later on.
@dejanb
Copy link
Contributor Author

dejanb commented Dec 13, 2024

fixed by #1098

@dejanb dejanb closed this as completed Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dejanb