The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
In #4185. @mastersans has added the purl string (including version) into the productinfo internal data structure, which should be useful for later internal functions and things like exporting the purl string into sboms.
It's pretty simple code, but it would be nice to have a unittest for it, so this bug is a reminder to write one.
In #4185. @mastersans has added the purl string (including version) into the productinfo internal data structure, which should be useful for later internal functions and things like exporting the purl string into sboms.
It's pretty simple code, but it would be nice to have a unittest for it, so this bug is a reminder to write one.