SBOM Summary¶

Item	Details
SBOM File	cve-bin-tool-py3.11.spdx
SBOM Type	spdx
Version	SPDX-2.3
Name	Python-cve-bin-tool
Creator	Tool:sbom4python-0.12.5
Created	2026-06-01T01:23:35Z
Files	0
Packages	49
Relationships	71
Services	0
Vulnerabilities	0

Package Summary¶

Name	Version	PURL	CPE	Type	Supplier	License	Ecosystem	Download	Copyright
cve-bin-tool	3.4.1	pkg:pypi/cve-bin-tool@3.4.1	cpe:2.3:a:terri_oda:cve-bin-tool:3.4.1:::::::*	APPLICATION	Terri Oda (terri.oda@intel.com)	GPL-3.0-or-later	pypi	https://pypi.org/project/cve-bin-tool/3.4.1/#files	NOASSERTION
aiohttp	3.13.5	pkg:pypi/aiohttp@3.13.5		LIBRARY	NOASSERTION	UNKNOWN	pypi	https://pypi.org/project/aiohttp/3.13.5/#files	NOASSERTION
aiohappyeyeballs	2.6.2	pkg:pypi/aiohappyeyeballs@2.6.2	cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.6.2:::::::*	LIBRARY	J. Nick Koston (nick@koston.org)	PSF-2.0	pypi	https://pypi.org/project/aiohappyeyeballs/2.6.2/#files	NOASSERTION
aiosignal	1.4.0	pkg:pypi/aiosignal@1.4.0		LIBRARY	NOASSERTION	Apache-2.0	pypi	https://pypi.org/project/aiosignal/1.4.0/#files	NOASSERTION
frozenlist	1.8.0	pkg:pypi/frozenlist@1.8.0		LIBRARY	NOASSERTION	Apache-2.0	pypi	https://pypi.org/project/frozenlist/1.8.0/#files	NOASSERTION
typing-extensions	4.15.0	pkg:pypi/typing-extensions@4.15.0	cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.15.0:::::::*	LIBRARY	Guido van Jukka ukasz Michael (levkivskyi@gmail.com)	PSF-2.0	pypi	https://pypi.org/project/typing-extensions/4.15.0/#files	NOASSERTION
attrs	26.1.0	pkg:pypi/attrs@26.1.0	cpe:2.3:a:hynek_schlawack:attrs:26.1.0:::::::*	LIBRARY	Hynek Schlawack (hs@ox.cx)	MIT	pypi	https://pypi.org/project/attrs/26.1.0/#files	NOASSERTION
multidict	6.7.1	pkg:pypi/multidict@6.7.1	cpe:2.3:a:andrew_svetlov:multidict:6.7.1:::::::*	LIBRARY	Andrew Svetlov (andrew.svetlov@gmail.com)	Apache-2.0	pypi	https://pypi.org/project/multidict/6.7.1/#files	NOASSERTION
propcache	0.5.2	pkg:pypi/propcache@0.5.2	cpe:2.3:a:andrew_svetlov:propcache:0.5.2:::::::*	LIBRARY	Andrew Svetlov (andrew.svetlov@gmail.com)	Apache-2.0	pypi	https://pypi.org/project/propcache/0.5.2/#files	NOASSERTION
yarl	1.24.2	pkg:pypi/yarl@1.24.2	cpe:2.3:a:andrew_svetlov:yarl:1.24.2:::::::*	LIBRARY	Andrew Svetlov (andrew.svetlov@gmail.com)	Apache-2.0	pypi	https://pypi.org/project/yarl/1.24.2/#files	NOASSERTION
idna	3.17	pkg:pypi/idna@3.17	cpe:2.3:a:kim_davies:idna:3.17:::::::*	LIBRARY	Kim Davies (kim+pypi@gumleaf.org)	BSD-3-Clause	pypi	https://pypi.org/project/idna/3.17/#files	NOASSERTION
beautifulsoup4	4.14.3	pkg:pypi/beautifulsoup4@4.14.3	cpe:2.3:a:leonard_richardson:beautifulsoup4:4.14.3:::::::*	LIBRARY	Leonard Richardson (leonardr@segfault.org)	MIT	pypi	https://pypi.org/project/beautifulsoup4/4.14.3/#files	NOASSERTION
soupsieve	2.8.4	pkg:pypi/soupsieve@2.8.4	cpe:2.3:a:isaac_muse:soupsieve:2.8.4:::::::*	LIBRARY	Isaac Muse (Isaac.Muse@gmail.com)	MIT	pypi	https://pypi.org/project/soupsieve/2.8.4/#files	NOASSERTION
cvss	3.6	pkg:pypi/cvss@3.6	cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.6:::::::*	LIBRARY	Stanislav Red Hat Product Security (skontar@redhat.com)	LGPL-3.0-or-later	pypi	https://pypi.org/project/cvss/3.6/#files	NOASSERTION
defusedxml	0.7.1	pkg:pypi/defusedxml@0.7.1	cpe:2.3:a:christian_heimes:defusedxml:0.7.1:::::::*	LIBRARY	Christian Heimes (christian@python.org)	PSF-2.0	pypi	https://pypi.python.org/pypi/defusedxml	NOASSERTION
distro	1.9.0	pkg:pypi/distro@1.9.0	cpe:2.3:a:nir_cohen:distro:1.9.0:::::::*	LIBRARY	Nir Cohen (nir36g@gmail.com)	Apache-2.0	pypi	https://pypi.org/project/distro/1.9.0/#files	NOASSERTION
filetype	1.2.0	pkg:pypi/filetype@1.2.0	cpe:2.3:a:tomas_aparicio:filetype:1.2.0:::::::*	LIBRARY	Tomas Aparicio (tomas@aparicio.me)	MIT	pypi	https://github.com/h2non/filetype.py/tarball/master	NOASSERTION
jinja2	3.1.6	pkg:pypi/jinja2@3.1.6		LIBRARY	NOASSERTION	BSD-3-Clause	pypi	https://pypi.org/project/jinja2/3.1.6/#files	NOASSERTION
markupsafe	3.0.3	pkg:pypi/markupsafe@3.0.3		LIBRARY	NOASSERTION	BSD-3-Clause	pypi	https://pypi.org/project/markupsafe/3.0.3/#files	NOASSERTION
jsonschema	4.26.0	pkg:pypi/jsonschema@4.26.0	cpe:2.3:a:julian_berman:jsonschema:4.26.0:::::::*	LIBRARY	Julian Berman (Julian+jsonschema@GrayVines.com)	MIT	pypi	https://pypi.org/project/jsonschema/4.26.0/#files	NOASSERTION
jsonschema-specifications	2025.9.1	pkg:pypi/jsonschema-specifications@2025.9.1	cpe:2.3:a:julian_berman:jsonschema-specifications:2025.9.1:::::::*	LIBRARY	Julian Berman (Julian+jsonschema-specifications@GrayVines.com)	MIT	pypi	https://pypi.org/project/jsonschema-specifications/2025.9.1/#files	NOASSERTION
referencing	0.37.0	pkg:pypi/referencing@0.37.0	cpe:2.3:a:julian_berman:referencing:0.37.0:::::::*	LIBRARY	Julian Berman (Julian+referencing@GrayVines.com)	MIT	pypi	https://pypi.org/project/referencing/0.37.0/#files	NOASSERTION
rpds-py	2026.5.1	pkg:pypi/rpds-py@2026.5.1	cpe:2.3:a:julian_berman:rpds-py:2026.5.1:::::::*	LIBRARY	Julian Berman (Julian+rpds@GrayVines.com)	MIT	pypi	https://pypi.org/project/rpds-py/2026.5.1/#files	NOASSERTION
lib4sbom	0.10.4	pkg:pypi/lib4sbom@0.10.4	cpe:2.3:a:anthony_harrison:lib4sbom:0.10.4:::::::*	LIBRARY	Anthony Harrison (anthony.p.harrison@gmail.com)	Apache-2.0	pypi	https://pypi.org/project/lib4sbom/0.10.4/#files	NOASSERTION
pyyaml	6.0.3	pkg:pypi/pyyaml@6.0.3	cpe:2.3:a:kirill_simonov:pyyaml:6.0.3:::::::*	LIBRARY	Kirill Simonov (xi@resolvent.net)	MIT	pypi	https://pypi.org/project/PyYAML/	NOASSERTION
semantic-version	2.10.0	pkg:pypi/semantic-version@2.10.0	cpe:2.3:a:raphael_barrois:semantic-version:2.10.0:::::::*	LIBRARY	Raphael Barrois (raphael.barrois+semver@polytechnique.org)	BSD-3-Clause	pypi	https://pypi.org/project/semantic-version/2.10.0/#files	NOASSERTION
fastjsonschema	2.21.2	pkg:pypi/fastjsonschema@2.21.2	cpe:2.3:a:michal_horejsek:fastjsonschema:2.21.2:::::::*	LIBRARY	Michal Horejsek (fastjsonschema@horejsek.com)	BSD-3-Clause	pypi	https://pypi.org/project/fastjsonschema/2.21.2/#files	NOASSERTION
xmlschema	4.3.1	pkg:pypi/xmlschema@4.3.1	cpe:2.3:a:davide_brunato:xmlschema:4.3.1:::::::*	LIBRARY	Davide Brunato (brunato@sissa.it)	MIT	pypi	https://pypi.org/project/xmlschema/4.3.1/#files	NOASSERTION
elementpath	5.1.1	pkg:pypi/elementpath@5.1.1	cpe:2.3:a:davide_brunato:elementpath:5.1.1:::::::*	LIBRARY	Davide Brunato (brunato@sissa.it)	MIT	pypi	https://pypi.org/project/elementpath/5.1.1/#files	NOASSERTION
packageurl-python	0.17.6	pkg:pypi/packageurl-python@0.17.6	cpe:2.3:a:the_purl_authors:packageurl-python:0.17.6:::::::*	LIBRARY	the purl authors	MIT	pypi	https://pypi.org/project/packageurl-python/0.17.6/#files	NOASSERTION
lib4vex	0.2.3	pkg:pypi/lib4vex@0.2.3	cpe:2.3:a:anthony_harrison:lib4vex:0.2.3:::::::*	LIBRARY	Anthony Harrison (anthony.p.harrison@gmail.com)	Apache-2.0	pypi	https://pypi.org/project/lib4vex/0.2.3/#files	NOASSERTION
csaf-tool	0.3.2	pkg:pypi/csaf-tool@0.3.2	cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:::::::*	LIBRARY	Anthony Harrison (anthony.p.harrison@gmail.com)	MIT	pypi	https://pypi.org/project/csaf-tool/0.3.2/#files	NOASSERTION
rich	15.0.0	pkg:pypi/rich@15.0.0	cpe:2.3:a:will_mcgugan:rich:15.0.0:::::::*	LIBRARY	Will McGugan (willmcgugan@gmail.com)	MIT	pypi	https://pypi.org/project/rich/15.0.0/#files	NOASSERTION
markdown-it-py	4.2.0	pkg:pypi/markdown-it-py@4.2.0	cpe:2.3:a:chris_sewell:markdown-it-py:4.2.0:::::::*	LIBRARY	Chris Sewell (chrisj_sewell@hotmail.com)	MIT	pypi	https://pypi.org/project/markdown-it-py/4.2.0/#files	NOASSERTION
mdurl	0.1.2	pkg:pypi/mdurl@0.1.2	cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:::::::*	LIBRARY	Taneli Hukkinen (hukkin@users.noreply.github.com)	MIT	pypi	https://pypi.org/project/mdurl/0.1.2/#files	NOASSERTION
pygments	2.20.0	pkg:pypi/pygments@2.20.0	cpe:2.3:a:georg_brandl:pygments:2.20.0:::::::*	LIBRARY	Georg Brandl (georg@python.org)	BSD-2-Clause	pypi	https://pypi.org/project/pygments/2.20.0/#files	NOASSERTION
packaging	26.2	pkg:pypi/packaging@26.2	cpe:2.3:a:donald_stufft:packaging:26.2:::::::*	LIBRARY	Donald Stufft (donald@stufft.io)	UNKNOWN	pypi	https://pypi.org/project/packaging/26.2/#files	NOASSERTION
pefile	2024.8.26	pkg:pypi/pefile@2024.8.26	cpe:2.3:a:ero_carrera:pefile:2024.8.26:::::::*	LIBRARY	Ero Carrera (ero.carrera@gmail.com)	MIT	pypi	https://github.com/erocarrera/pefile/releases/download/v2024.8.26/pefile-2024.8.26.tar.gz	NOASSERTION
plotly	6.7.0	pkg:pypi/plotly@6.7.0	cpe:2.3:a:chris_p:plotly:6.7.0:::::::*	LIBRARY	Chris P (chris@plot.ly)	MIT	pypi	https://pypi.org/project/plotly/6.7.0/#files	NOASSERTION
narwhals	2.21.2	pkg:pypi/narwhals@2.21.2	cpe:2.3:a:marco_gorelli:narwhals:2.21.2:::::::*	LIBRARY	Marco Gorelli (hello_narwhals@proton.me)	UNKNOWN	pypi	https://pypi.org/project/narwhals/2.21.2/#files	NOASSERTION
python-gnupg	0.5.6	pkg:pypi/python-gnupg@0.5.6	cpe:2.3:a:vinay_sajip:python-gnupg:0.5.6:::::::*	LIBRARY	Vinay Sajip (vinay_sajip@yahoo.co.uk)	BSD-3-Clause	pypi	https://pypi.org/project/python-gnupg/0.5.6/#files	NOASSERTION
requests	2.34.2	pkg:pypi/requests@2.34.2	cpe:2.3:a:kenneth_reitz:requests:2.34.2:::::::*	LIBRARY	Kenneth Reitz (me@kennethreitz.org)	Apache-2.0	pypi	https://pypi.org/project/requests/2.34.2/#files	NOASSERTION
charset-normalizer	3.4.7	pkg:pypi/charset-normalizer@3.4.7	cpe:2.3:a:ahmed_r.:charset-normalizer:3.4.7:::::::*	LIBRARY	Ahmed R. (tahri.ahmed@proton.me)	MIT	pypi	https://pypi.org/project/charset-normalizer/3.4.7/#files	NOASSERTION
urllib3	2.7.0	pkg:pypi/urllib3@2.7.0	cpe:2.3:a:andrey_petrov:urllib3:2.7.0:::::::*	LIBRARY	Andrey Petrov (andrey.petrov@shazow.net)	MIT	pypi	https://pypi.org/project/urllib3/2.7.0/#files	NOASSERTION
certifi	2026.5.20	pkg:pypi/certifi@2026.5.20	cpe:2.3:a:kenneth_reitz:certifi:2026.5.20:::::::*	LIBRARY	Kenneth Reitz (me@kennethreitz.com)	MPL-2.0	pypi	https://pypi.org/project/certifi/2026.5.20/#files	NOASSERTION
rpmfile	2.2.1	pkg:pypi/rpmfile@2.2.1	cpe:2.3:a:sean_ross:rpmfile:2.2.1:::::::*	LIBRARY	Sean Ross (srossross@gmail.com)	MIT	pypi	https://pypi.org/project/rpmfile/2.2.1/#files	NOASSERTION
setuptools	82.0.1	pkg:pypi/setuptools@82.0.1	cpe:2.3:a:python_packaging_authority:setuptools:82.0.1:::::::*	LIBRARY	Python Packaging Authority (distutils-sig@python.org)	MIT	pypi	https://pypi.org/project/setuptools/82.0.1/#files	NOASSERTION
zipp	4.1.0	pkg:pypi/zipp@4.1.0	cpe:2.3:a:jason_r.:zipp:4.1.0:::::::*	LIBRARY	Jason R. (jaraco@jaraco.com)	MIT	pypi	https://pypi.org/project/zipp/4.1.0/#files	NOASSERTION
zstandard	0.25.0	pkg:pypi/zstandard@0.25.0	cpe:2.3:a:gregory_szorc:zstandard:0.25.0:::::::*	LIBRARY	Gregory Szorc (gregory.szorc@gmail.com)	BSD-3-Clause	pypi	https://pypi.org/project/zstandard/0.25.0/#files	NOASSERTION

Component Type Summary¶

Type	Count
APPLICATION	1
LIBRARY	48

License Summary¶

License	Count
Apache-2.0	9
BSD-2-Clause	1
BSD-3-Clause	7
GPL-3.0-or-later	1
LGPL-3.0-or-later	1
MIT	23
MPL-2.0	1
PSF-2.0	3
UNKNOWN	3

Supplier Summary¶

Supplier	Count
Ahmed R. (tahri.ahmed@proton.me)	1
Andrew Svetlov (andrew.svetlov@gmail.com)	3
Andrey Petrov (andrey.petrov@shazow.net)	1
Anthony Harrison (anthony.p.harrison@gmail.com)	3
Chris P (chris@plot.ly)	1
Chris Sewell (chrisj_sewell@hotmail.com)	1
Christian Heimes (christian@python.org)	1
Davide Brunato (brunato@sissa.it)	2
Donald Stufft (donald@stufft.io)	1
Ero Carrera (ero.carrera@gmail.com)	1
Georg Brandl (georg@python.org)	1
Gregory Szorc (gregory.szorc@gmail.com)	1
Guido van Jukka ukasz Michael (levkivskyi@gmail.com)	1
Hynek Schlawack (hs@ox.cx)	1
Isaac Muse (Isaac.Muse@gmail.com)	1
J. Nick Koston (nick@koston.org)	1
Jason R. (jaraco@jaraco.com)	1
Julian Berman (Julian+jsonschema-specifications@GrayVines.com)	1
Julian Berman (Julian+jsonschema@GrayVines.com)	1
Julian Berman (Julian+referencing@GrayVines.com)	1
Julian Berman (Julian+rpds@GrayVines.com)	1
Kenneth Reitz (me@kennethreitz.com)	1
Kenneth Reitz (me@kennethreitz.org)	1
Kim Davies (kim+pypi@gumleaf.org)	1
Kirill Simonov (xi@resolvent.net)	1
Leonard Richardson (leonardr@segfault.org)	1
Marco Gorelli (hello_narwhals@proton.me)	1
Michal Horejsek (fastjsonschema@horejsek.com)	1
NOASSERTION	5
Nir Cohen (nir36g@gmail.com)	1
Python Packaging Authority (distutils-sig@python.org)	1
Raphael Barrois (raphael.barrois+semver@polytechnique.org)	1
Sean Ross (srossross@gmail.com)	1
Stanislav Red Hat Product Security (skontar@redhat.com)	1
Taneli Hukkinen (hukkin@users.noreply.github.com)	1
Terri Oda (terri.oda@intel.com)	1
Tomas Aparicio (tomas@aparicio.me)	1
Vinay Sajip (vinay_sajip@yahoo.co.uk)	1
Will McGugan (willmcgugan@gmail.com)	1
the purl authors	1

NTIA Summary¶

Element	Status
All file information provided?	True
All package information provided?	False
Creator identified?	True
Creation time identified?	True
Dependency relationships provided?	True
NTIA conformant False

SBOM Summary¶

Package Summary¶

Component Type Summary¶

License Summary¶

Supplier Summary¶

NTIA Summary¶

CVE Binary Tool

Navigation

Related Topics