The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
Originally posted by @wideglide in https://github.com/intel/cve-bin-tool/issues/3899#issuecomment-1992490964
Pulling this out because I missed it earlier. Not sure if it's still an issue but filing it to be checked.