{ "SchemaVersion": 2, "Trivy": { "Version": "0.69.3" }, "ReportID": "019d57b3-4ceb-7d23-9137-4221ffe032ca", "CreatedAt": "2026-04-04T08:54:21.67586254Z", "ArtifactName": "sboms/ai-containers-litellm-database-v1.81.15-cyclonedx.json", "ArtifactType": "cyclonedx", "Metadata": { "OS": { "Family": "wolfi", "Name": "20230201" }, "ImageID": "sha256:d395f3c0a387cd92c85bb348950400ae3b7213d7ef0b8a93fd6dbcbda552bb5d", "DiffIDs": [ "sha256:065123985f116c8cb4b15d734329d7e039f0fcc535c2e72e3d1eeb27b10cafcd", "sha256:07fcf3e52c621be9e5ca0b1a145d6d837660b940a703a69f02ad054edd58af5a", "sha256:09415f6704429bf538351a5149a730bf1f254708ab21586991db5bb27b8907bd", "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa", "sha256:1f7b804e2e3b2ce78f108ce6ea8e3c5c42309860a59a5342e101ba77669d8a92", "sha256:20146100a36ac5a8fde6152a37760c2cc896bbb808b7fb6a2a2feb981e267309", "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf", "sha256:238ce18a715006b04c112755cb0e3655c62c8fcc579c8f43f3b5248d9091999b", "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:6562679d109c939489d457fcbd6d961c9d5f592f316cefcb2e62fa595199797a", "sha256:68de260a7ca397c67873261d65c43f20595c2bba29d4e2eb84f1dc8630b662a5", "sha256:6d0d07b8e9305ad97f174eab8ace73cb4b39e747c7a8f99821470b5d293aad77", "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1", "sha256:70991d5976e247cb33ca1923edd3f609e6c23f527dbe62b838d6a03c0bca6453", "sha256:8b4445bfa409a765de1d7ea622663bc488bbbd18ac380f2e65a26f72ec0b149d", "sha256:8e1e20fa39a3b406637c68b5bcff0770fd1deb6f81da5fd2c126bfddd90c76f8", "sha256:930dae14c1c45ca0925ed1808f78b4a1618c1042cd14e72c2f8fd24c4e5e461c", "sha256:98481b16b5b7db2fe5071acddc9cb81c29411335c97e9ddeb35c7c800d9fb568", "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b", "sha256:b6b512b9108959a393f94a860379497c2fb37e0ed270f661cc418c748808fc39", "sha256:b8195249dcd92d2c0519946f0a9f9d9ec7b88e9a19b5f83bc156103a39d5ab50", "sha256:c38e600be9e3b4d789f0b1f8c9a67b1ff2094481e475a06cea386c5962b57f54", "sha256:c5eb7ef8db9459a51de6b506611f03f4f3ec7a1d2fc13ea21351f8875d6c95d9", "sha256:d48cfd6939a37114f8d5548f1078b4e04e9fb182c1fbbb433bc0cfe11667e8b5", "sha256:db82f5deff7f34c5f76061c7678aad176d0bda60ca1c4b4d1388ab1574d61939", "sha256:e43387e77a2b0726d7301514111e2ba082037988a1c5e4277f66ae9cc1477ce1", "sha256:f92d2dc25a7bdb92619313314b07ccddcd01b16b11e501afc0b9cd99c7c8a5b9" ], "RepoDigests": [ "registry.suse.com/ai/containers/litellm-database@sha256:e187026973a6fb7922d65b6efe9cbab5b4964d7c462c3897f55ca957cd345379" ], "Reference": "registry.suse.com/ai/containers/litellm-database@sha256:e187026973a6fb7922d65b6efe9cbab5b4964d7c462c3897f55ca957cd345379" }, "Results": [ { "Target": "sboms/ai-containers-litellm-database-v1.81.15-cyclonedx.json (wolfi 20230201)", "Class": "os-pkgs", "Type": "wolfi", "Packages": [ { "ID": "alsa-lib@1.2.15.3-r1", "Name": "alsa-lib", "Identifier": { "PURL": "pkg:apk/wolfi/alsa-lib@1.2.15.3-r1?arch=x86_64\u0026distro=20230201", "UID": "13468b81c5233dc4", "BOMRef": "pkg:apk/wolfi/alsa-lib@1.2.15.3-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.15.3-r1", "Arch": "x86_64", "SrcName": "alsa-lib", "SrcVersion": "1.2.15.3-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:f102fe2f70af2ef8759d1f41d418cc93b507a5c4" }, { "ID": "apk-tools@2.14.10-r10", "Name": "apk-tools", "Identifier": { "PURL": "pkg:apk/wolfi/apk-tools@2.14.10-r10?arch=x86_64\u0026distro=20230201", "UID": "3e452ee0d653c6ca", "BOMRef": "pkg:apk/wolfi/apk-tools@2.14.10-r10?arch=x86_64\u0026distro=20230201" }, "Version": "2.14.10-r10", "Arch": "x86_64", "SrcName": "apk-tools", "SrcVersion": "2.14.10-r10", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "ca-certificates-bundle@20251003-r3", "glibc@2.43-r1", "ld-linux@2.43-r1", "libcrypto3@3.6.1-r1", "libssl3@3.6.1-r1", "wolfi-baselayout@20230201-r27", "zlib@1.3.2-r0" ], "Layer": { "Digest": "sha256:1d53393b78f00c417dbc484afee224f386ba037746127e62a4bc86b6ad11daa1", "DiffID": "sha256:6562679d109c939489d457fcbd6d961c9d5f592f316cefcb2e62fa595199797a" }, "Digest": "sha1:360094f42540d8f16177f251916e29619be762fe" }, { "ID": "bash@5.3-r5", "Name": "bash", "Identifier": { "PURL": "pkg:apk/wolfi/bash@5.3-r5?arch=x86_64\u0026distro=20230201", "UID": "1f2037c4c34801bc", "BOMRef": "pkg:apk/wolfi/bash@5.3-r5?arch=x86_64\u0026distro=20230201" }, "Version": "5.3-r5", "Arch": "x86_64", "SrcName": "bash", "SrcVersion": "5.3-r5", "Licenses": [ "GPL-3.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "ncurses@6.6_p20251230-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:9dd00dcd7654147d2998f5b11213adb52cae5ad2" }, { "ID": "busybox@1.37.0-r54", "Name": "busybox", "Identifier": { "PURL": "pkg:apk/wolfi/busybox@1.37.0-r54?arch=x86_64\u0026distro=20230201", "UID": "aca654f8a0ba155a", "BOMRef": "pkg:apk/wolfi/busybox@1.37.0-r54?arch=x86_64\u0026distro=20230201" }, "Version": "1.37.0-r54", "Arch": "x86_64", "SrcName": "busybox", "SrcVersion": "1.37.0-r54", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "libcrypt1@2.43-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:3f02fc482423f53d1d5bfdf6094776ebe0b7eba4617489f96d32e6c61ac92d92", "DiffID": "sha256:1f7b804e2e3b2ce78f108ce6ea8e3c5c42309860a59a5342e101ba77669d8a92" }, "Digest": "sha1:dfbfdd4815b2ce870ce5a428f10f6ad21a1f549a" }, { "ID": "c-ares@1.34.6-r0", "Name": "c-ares", "Identifier": { "PURL": "pkg:apk/wolfi/c-ares@1.34.6-r0?arch=x86_64\u0026distro=20230201", "UID": "d5cf9575e5df531c", "BOMRef": "pkg:apk/wolfi/c-ares@1.34.6-r0?arch=x86_64\u0026distro=20230201" }, "Version": "1.34.6-r0", "Arch": "x86_64", "SrcName": "c-ares", "SrcVersion": "1.34.6-r0", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:72c82e5c25bfd691982cf508bfda988bad5ced12" }, { "ID": "ca-certificates-bundle@20251003-r3", "Name": "ca-certificates-bundle", "Identifier": { "PURL": "pkg:apk/wolfi/ca-certificates-bundle@20251003-r3?arch=x86_64\u0026distro=20230201", "UID": "b7a1329569e2e4c5", "BOMRef": "pkg:apk/wolfi/ca-certificates-bundle@20251003-r3?arch=x86_64\u0026distro=20230201" }, "Version": "20251003-r3", "Arch": "x86_64", "SrcName": "ca-certificates", "SrcVersion": "20251003-r3", "Licenses": [ "MPL-2.0", "MIT" ], "DependsOn": [ "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:2a4da0691147ee88d0960b8ac8bda5481f91b115a20a0dcb9f30481401d91d36", "DiffID": "sha256:98481b16b5b7db2fe5071acddc9cb81c29411335c97e9ddeb35c7c800d9fb568" }, "Digest": "sha1:b8fb05eba8b52c5b8e3ae448c96ec4218e2bc447" }, { "ID": "gdbm@1.26-r2", "Name": "gdbm", "Identifier": { "PURL": "pkg:apk/wolfi/gdbm@1.26-r2?arch=x86_64\u0026distro=20230201", "UID": "4c3c1076ad985dd4", "BOMRef": "pkg:apk/wolfi/gdbm@1.26-r2?arch=x86_64\u0026distro=20230201" }, "Version": "1.26-r2", "Arch": "x86_64", "SrcName": "gdbm", "SrcVersion": "1.26-r2", "Licenses": [ "GPL-3.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:375d22e56a0c032b92b8f3bd9eb4112e7864fb25" }, { "ID": "glibc@2.43-r1", "Name": "glibc", "Identifier": { "PURL": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "19fc32b613e931a6", "BOMRef": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.43-r1", "Arch": "x86_64", "SrcName": "glibc", "SrcVersion": "2.43-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "glibc-locale-posix@2.43-r1", "ld-linux@2.43-r1", "libgcc@15.2.0-r9", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "Digest": "sha1:45d78518d648056160ca67d9ced0d9ae735718c3" }, { "ID": "glibc-locale-posix@2.43-r1", "Name": "glibc-locale-posix", "Identifier": { "PURL": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "5e241543b8fe7d0", "BOMRef": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.43-r1", "Arch": "x86_64", "SrcName": "glibc", "SrcVersion": "2.43-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "Digest": "sha1:71c70566fef73a5f03323418c29988aa79322016" }, { "ID": "icu78-data-full@78.2-r0", "Name": "icu78-data-full", "Identifier": { "PURL": "pkg:apk/wolfi/icu78-data-full@78.2-r0?arch=x86_64\u0026distro=20230201", "UID": "e970261dac07e913", "BOMRef": "pkg:apk/wolfi/icu78-data-full@78.2-r0?arch=x86_64\u0026distro=20230201" }, "Version": "78.2-r0", "Arch": "x86_64", "SrcName": "icu", "SrcVersion": "78.2-r0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:e615eeade973d33e6d30bca1bcb08383dec2c505" }, { "ID": "ld-linux@2.43-r1", "Name": "ld-linux", "Identifier": { "PURL": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "e85685852da579df", "BOMRef": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.43-r1", "Arch": "x86_64", "SrcName": "glibc", "SrcVersion": "2.43-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "glibc@2.43-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "Digest": "sha1:36773aca32fddc2957a0b46c436841e49509dd29" }, { "ID": "libbrotlicommon1@1.2.0-r1", "Name": "libbrotlicommon1", "Identifier": { "PURL": "pkg:apk/wolfi/libbrotlicommon1@1.2.0-r1?arch=x86_64\u0026distro=20230201", "UID": "7783d36863177d01", "BOMRef": "pkg:apk/wolfi/libbrotlicommon1@1.2.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.0-r1", "Arch": "x86_64", "SrcName": "brotli", "SrcVersion": "1.2.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:f16ef9c593de91cc6945073b4636aeeda0c80a0e" }, { "ID": "libbrotlidec1@1.2.0-r1", "Name": "libbrotlidec1", "Identifier": { "PURL": "pkg:apk/wolfi/libbrotlidec1@1.2.0-r1?arch=x86_64\u0026distro=20230201", "UID": "f2a0588f28c79066", "BOMRef": "pkg:apk/wolfi/libbrotlidec1@1.2.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.0-r1", "Arch": "x86_64", "SrcName": "brotli", "SrcVersion": "1.2.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1", "libbrotlicommon1@1.2.0-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:b98182b5ebf03788a5dfd808af6e2d3eeb4ff13c" }, { "ID": "libbrotlienc1@1.2.0-r1", "Name": "libbrotlienc1", "Identifier": { "PURL": "pkg:apk/wolfi/libbrotlienc1@1.2.0-r1?arch=x86_64\u0026distro=20230201", "UID": "8d2962b802ecda99", "BOMRef": "pkg:apk/wolfi/libbrotlienc1@1.2.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.0-r1", "Arch": "x86_64", "SrcName": "brotli", "SrcVersion": "1.2.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1", "libbrotlicommon1@1.2.0-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:da1a062cc901589428b8d8fc3daa83a23f8cb929" }, { "ID": "libbz2-1@1.0.8-r22", "Name": "libbz2-1", "Identifier": { "PURL": "pkg:apk/wolfi/libbz2-1@1.0.8-r22?arch=x86_64\u0026distro=20230201", "UID": "4f3f4462cb765dd1", "BOMRef": "pkg:apk/wolfi/libbz2-1@1.0.8-r22?arch=x86_64\u0026distro=20230201" }, "Version": "1.0.8-r22", "Arch": "x86_64", "SrcName": "bzip2", "SrcVersion": "1.0.8-r22", "Licenses": [ "MPL-2.0", "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:7881510d91ca841ea9441e08e4a352199b87ff65" }, { "ID": "libcrypt1@2.43-r1", "Name": "libcrypt1", "Identifier": { "PURL": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "bf9f632e216bab3", "BOMRef": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.43-r1", "Arch": "x86_64", "SrcName": "glibc", "SrcVersion": "2.43-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "glibc@2.43-r1", "libxcrypt@4.5.2-r2", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "Digest": "sha1:c67ac42c65c2936d748c7fbb6161b64c650f3f3f" }, { "ID": "libcrypto3@3.6.1-r1", "Name": "libcrypto3", "Identifier": { "PURL": "pkg:apk/wolfi/libcrypto3@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "85aab75953abd74", "BOMRef": "pkg:apk/wolfi/libcrypto3@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.6.1-r1", "Arch": "x86_64", "SrcName": "openssl", "SrcVersion": "3.6.1-r1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:02fc55a9c757fa6bcfe11d95fb21dbe82723d434ab5cb91cfedf674fb3eb8267", "DiffID": "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0" }, "Digest": "sha1:d8bbdb6c6fc823c4567afe7518475cdeb6cfd67a" }, { "ID": "libexpat1@2.7.4-r1", "Name": "libexpat1", "Identifier": { "PURL": "pkg:apk/wolfi/libexpat1@2.7.4-r1?arch=x86_64\u0026distro=20230201", "UID": "82ef083d60624b3", "BOMRef": "pkg:apk/wolfi/libexpat1@2.7.4-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.7.4-r1", "Arch": "x86_64", "SrcName": "expat", "SrcVersion": "2.7.4-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:c5b2bb591573c0337e81a12513a9e010ee5f8495" }, { "ID": "libffi@3.5.2-r1", "Name": "libffi", "Identifier": { "PURL": "pkg:apk/wolfi/libffi@3.5.2-r1?arch=x86_64\u0026distro=20230201", "UID": "efc4cef8b97b05b", "BOMRef": "pkg:apk/wolfi/libffi@3.5.2-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.5.2-r1", "Arch": "x86_64", "SrcName": "libffi", "SrcVersion": "3.5.2-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:ce40e7d1f8951ac77983c4e263e2d7b04b194c17" }, { "ID": "libflac@1.4.3-r5", "Name": "libflac", "Identifier": { "PURL": "pkg:apk/wolfi/libflac@1.4.3-r5?arch=x86_64\u0026distro=20230201", "UID": "39f606c30ae05a7d", "BOMRef": "pkg:apk/wolfi/libflac@1.4.3-r5?arch=x86_64\u0026distro=20230201" }, "Version": "1.4.3-r5", "Arch": "x86_64", "SrcName": "flac", "SrcVersion": "1.4.3-r5", "Licenses": [ "BSD-3-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "libogg@1.3.6-r3" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:9f85a0f6948efb6edb5a9108403306d5c5eefe79" }, { "ID": "libgcc@15.2.0-r9", "Name": "libgcc", "Identifier": { "PURL": "pkg:apk/wolfi/libgcc@15.2.0-r9?arch=x86_64\u0026distro=20230201", "UID": "3a7d891b2f8b4450", "BOMRef": "pkg:apk/wolfi/libgcc@15.2.0-r9?arch=x86_64\u0026distro=20230201" }, "Version": "15.2.0-r9", "Arch": "x86_64", "SrcName": "gcc", "SrcVersion": "15.2.0-r9", "Licenses": [ "GPL-3.0-or-later WITH GCC-exception-3.1" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1" ], "Layer": { "Digest": "sha256:a45907cabfcb964d4109679f34e2aa5b1fda1d0069e136002f2594df87afa35e", "DiffID": "sha256:b6b512b9108959a393f94a860379497c2fb37e0ed270f661cc418c748808fc39" }, "Digest": "sha1:a384338305a4de5ba0f1cc4a472de2eefdeda7a5" }, { "ID": "libicu78@78.2-r0", "Name": "libicu78", "Identifier": { "PURL": "pkg:apk/wolfi/libicu78@78.2-r0?arch=x86_64\u0026distro=20230201", "UID": "249690462e07a40b", "BOMRef": "pkg:apk/wolfi/libicu78@78.2-r0?arch=x86_64\u0026distro=20230201" }, "Version": "78.2-r0", "Arch": "x86_64", "SrcName": "icu", "SrcVersion": "78.2-r0", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1", "icu78-data-full@78.2-r0", "ld-linux@2.43-r1", "libgcc@15.2.0-r9", "libstdc++@15.2.0-r9" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:7afb4e60da61c174faf3cde4b2919c67653c8630" }, { "ID": "libnghttp2-14@1.68.0-r1", "Name": "libnghttp2-14", "Identifier": { "PURL": "pkg:apk/wolfi/libnghttp2-14@1.68.0-r1?arch=x86_64\u0026distro=20230201", "UID": "1b4bcb9d46ae1e06", "BOMRef": "pkg:apk/wolfi/libnghttp2-14@1.68.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.68.0-r1", "Arch": "x86_64", "SrcName": "nghttp2", "SrcVersion": "1.68.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:51db5560582e98f33ac7d85cce1255191c92a3f3" }, { "ID": "libogg@1.3.6-r3", "Name": "libogg", "Identifier": { "PURL": "pkg:apk/wolfi/libogg@1.3.6-r3?arch=x86_64\u0026distro=20230201", "UID": "bd00feb2cf9b5702", "BOMRef": "pkg:apk/wolfi/libogg@1.3.6-r3?arch=x86_64\u0026distro=20230201" }, "Version": "1.3.6-r3", "Arch": "x86_64", "SrcName": "libogg", "SrcVersion": "1.3.6-r3", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:24e5b3b62b7c88003c8c977b62eb3db15f107af3" }, { "ID": "libsndfile@1.2.2-r2", "Name": "libsndfile", "Identifier": { "PURL": "pkg:apk/wolfi/libsndfile@1.2.2-r2?arch=x86_64\u0026distro=20230201", "UID": "cfb51d31f84de903", "BOMRef": "pkg:apk/wolfi/libsndfile@1.2.2-r2?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.2-r2", "Arch": "x86_64", "SrcName": "libsndfile", "SrcVersion": "1.2.2-r2", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "alsa-lib@1.2.15.3-r1", "glibc@2.43-r1", "ld-linux@2.43-r1", "libflac@1.4.3-r5", "libogg@1.3.6-r3", "libvorbis@1.3.7-r7", "opus@1.6.1-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:222cf6c756b25d6aaf54884c124f7291afbb16ad" }, { "ID": "libssl3@3.6.1-r1", "Name": "libssl3", "Identifier": { "PURL": "pkg:apk/wolfi/libssl3@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "2737a9b43318bb67", "BOMRef": "pkg:apk/wolfi/libssl3@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.6.1-r1", "Arch": "x86_64", "SrcName": "openssl", "SrcVersion": "3.6.1-r1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "glibc@2.43-r1", "libcrypto3@3.6.1-r1" ], "Layer": { "Digest": "sha256:02fc55a9c757fa6bcfe11d95fb21dbe82723d434ab5cb91cfedf674fb3eb8267", "DiffID": "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0" }, "Digest": "sha1:ac161813a56c650f73fa5596266b79810629c5f9" }, { "ID": "libstdc++@15.2.0-r9", "Name": "libstdc++", "Identifier": { "PURL": "pkg:apk/wolfi/libstdc%2B%2B@15.2.0-r9?arch=x86_64\u0026distro=20230201", "UID": "6246fac939d68608", "BOMRef": "pkg:apk/wolfi/libstdc%2B%2B@15.2.0-r9?arch=x86_64\u0026distro=20230201" }, "Version": "15.2.0-r9", "Arch": "x86_64", "SrcName": "gcc", "SrcVersion": "15.2.0-r9", "Licenses": [ "GPL-3.0-or-later WITH GCC-exception-3.1" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "libgcc@15.2.0-r9" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:586a6a321fe58c61d7b52123565676db37acd673" }, { "ID": "libuuid@2.41.3-r3", "Name": "libuuid", "Identifier": { "PURL": "pkg:apk/wolfi/libuuid@2.41.3-r3?arch=x86_64\u0026distro=20230201", "UID": "9be37769045801e7", "BOMRef": "pkg:apk/wolfi/libuuid@2.41.3-r3?arch=x86_64\u0026distro=20230201" }, "Version": "2.41.3-r3", "Arch": "x86_64", "SrcName": "util-linux", "SrcVersion": "2.41.3-r3", "Licenses": [ "GPL-3.0-or-later", "GPL-2.0-or-later", "GPL-2.0-only", "GPL-1.0-only", "LGPL-2.1-or-later", "BSD-1-Clause", "BSD-3-Clause", "BSD-4-Clause-UC", "MIT", "CC-PDDC" ], "DependsOn": [ "glibc@2.43-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:578db12606c45c43abe623521fe7c1d8692eeb3a" }, { "ID": "libuv@1.52.0-r0", "Name": "libuv", "Identifier": { "PURL": "pkg:apk/wolfi/libuv@1.52.0-r0?arch=x86_64\u0026distro=20230201", "UID": "9ecc19bd95718e96", "BOMRef": "pkg:apk/wolfi/libuv@1.52.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "1.52.0-r0", "Arch": "x86_64", "SrcName": "libuv", "SrcVersion": "1.52.0-r0", "Licenses": [ "MIT", "ISC" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:c6b05df19485549b3c0a54e97b7a079dc92ee909" }, { "ID": "libvorbis@1.3.7-r7", "Name": "libvorbis", "Identifier": { "PURL": "pkg:apk/wolfi/libvorbis@1.3.7-r7?arch=x86_64\u0026distro=20230201", "UID": "3927d0dee875b07b", "BOMRef": "pkg:apk/wolfi/libvorbis@1.3.7-r7?arch=x86_64\u0026distro=20230201" }, "Version": "1.3.7-r7", "Arch": "x86_64", "SrcName": "libvorbis", "SrcVersion": "1.3.7-r7", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "glibc@2.43-r1", "libogg@1.3.6-r3" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:767b9dd3dce1347ade0946cc58e1accdef131dd9" }, { "ID": "libxcrypt@4.5.2-r2", "Name": "libxcrypt", "Identifier": { "PURL": "pkg:apk/wolfi/libxcrypt@4.5.2-r2?arch=x86_64\u0026distro=20230201", "UID": "fc1ad85f26b1fd3b", "BOMRef": "pkg:apk/wolfi/libxcrypt@4.5.2-r2?arch=x86_64\u0026distro=20230201" }, "Version": "4.5.2-r2", "Arch": "x86_64", "SrcName": "libxcrypt", "SrcVersion": "4.5.2-r2", "Licenses": [ "GPL-2.0-or-later", "LGPL-2.1-or-later" ], "Layer": { "Digest": "sha256:7c6e71c1fdfdf429844e25aad86441920641c0ba46466bc1d043556bfb81b24e", "DiffID": "sha256:70991d5976e247cb33ca1923edd3f609e6c23f527dbe62b838d6a03c0bca6453" }, "Digest": "sha1:1dde219a6ba81f29f519398066c7924a90e34598" }, { "ID": "mpdecimal@4.0.1-r3", "Name": "mpdecimal", "Identifier": { "PURL": "pkg:apk/wolfi/mpdecimal@4.0.1-r3?arch=x86_64\u0026distro=20230201", "UID": "d54fd2a289db2040", "BOMRef": "pkg:apk/wolfi/mpdecimal@4.0.1-r3?arch=x86_64\u0026distro=20230201" }, "Version": "4.0.1-r3", "Arch": "x86_64", "SrcName": "mpdecimal", "SrcVersion": "4.0.1-r3", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "libgcc@15.2.0-r9", "libstdc++@15.2.0-r9" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:12885674e7ba1c71ee370a6876aedfd8c4f02ce4" }, { "ID": "ncurses@6.6_p20251230-r1", "Name": "ncurses", "Identifier": { "PURL": "pkg:apk/wolfi/ncurses@6.6_p20251230-r1?arch=x86_64\u0026distro=20230201", "UID": "584bcf4873a8d48a", "BOMRef": "pkg:apk/wolfi/ncurses@6.6_p20251230-r1?arch=x86_64\u0026distro=20230201" }, "Version": "6.6_p20251230-r1", "Arch": "x86_64", "SrcName": "ncurses", "SrcVersion": "6.6_p20251230-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "ncurses-terminfo-base@6.6_p20251230-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:d4f7df25bc5592a35e8b474da4abe726d6453883" }, { "ID": "ncurses-terminfo-base@6.6_p20251230-r1", "Name": "ncurses-terminfo-base", "Identifier": { "PURL": "pkg:apk/wolfi/ncurses-terminfo-base@6.6_p20251230-r1?arch=x86_64\u0026distro=20230201", "UID": "e43b79e9b44822c0", "BOMRef": "pkg:apk/wolfi/ncurses-terminfo-base@6.6_p20251230-r1?arch=x86_64\u0026distro=20230201" }, "Version": "6.6_p20251230-r1", "Arch": "x86_64", "SrcName": "ncurses", "SrcVersion": "6.6_p20251230-r1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:4dd42bfac7a276233bc5b8d479ab024134b7622c" }, { "ID": "nodejs-25@25.7.0-r0", "Name": "nodejs-25", "Identifier": { "PURL": "pkg:apk/wolfi/nodejs-25@25.7.0-r0?arch=x86_64\u0026distro=20230201", "UID": "9249a9f886033e9e", "BOMRef": "pkg:apk/wolfi/nodejs-25@25.7.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "25.7.0-r0", "Arch": "x86_64", "SrcName": "nodejs-25", "SrcVersion": "25.7.0-r0", "Licenses": [ "MIT" ], "DependsOn": [ "c-ares@1.34.6-r0", "glibc@2.43-r1", "ld-linux@2.43-r1", "libbrotlidec1@1.2.0-r1", "libbrotlienc1@1.2.0-r1", "libcrypto3@3.6.1-r1", "libgcc@15.2.0-r9", "libicu78@78.2-r0", "libnghttp2-14@1.68.0-r1", "libssl3@3.6.1-r1", "libstdc++@15.2.0-r9", "libuv@1.52.0-r0", "zlib@1.3.2-r0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:33bf91c3d75cbbe569d1809a9660def861bf5db9" }, { "ID": "npm@11.11.0-r0", "Name": "npm", "Identifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "11.11.0-r0", "Arch": "x86_64", "SrcName": "npm", "SrcVersion": "11.11.0-r0", "Licenses": [ "Artistic-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:5fffad2ab6a7d31cd06d3c3b35c36da012dde2c7" }, { "ID": "openssl@3.6.1-r1", "Name": "openssl", "Identifier": { "PURL": "pkg:apk/wolfi/openssl@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "7ca336c25485b50d", "BOMRef": "pkg:apk/wolfi/openssl@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.6.1-r1", "Arch": "x86_64", "SrcName": "openssl", "SrcVersion": "3.6.1-r1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "libcrypto3@3.6.1-r1", "libssl3@3.6.1-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:f8d343216b1b16abe5c51e7f168b2d2209e1bfdb" }, { "ID": "opus@1.6.1-r1", "Name": "opus", "Identifier": { "PURL": "pkg:apk/wolfi/opus@1.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "a770c9a0580afa31", "BOMRef": "pkg:apk/wolfi/opus@1.6.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.6.1-r1", "Arch": "x86_64", "SrcName": "opus", "SrcVersion": "1.6.1-r1", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:2015751abf16343d398868abaaeff27211fce661" }, { "ID": "py3-pip-wheel@26.0.1-r1", "Name": "py3-pip-wheel", "Identifier": { "PURL": "pkg:apk/wolfi/py3-pip-wheel@26.0.1-r1?arch=x86_64\u0026distro=20230201", "UID": "6f323559cd8bfd93", "BOMRef": "pkg:apk/wolfi/py3-pip-wheel@26.0.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "26.0.1-r1", "Arch": "x86_64", "SrcName": "py3-pip", "SrcVersion": "26.0.1-r1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:fbfdeab3dd1ad8b3e5d16df7716d10870f3c8ec9" }, { "ID": "py3.13-pip@26.0.1-r1", "Name": "py3.13-pip", "Identifier": { "PURL": "pkg:apk/wolfi/py3.13-pip@26.0.1-r1?arch=x86_64\u0026distro=20230201", "UID": "41f2797c18510126", "BOMRef": "pkg:apk/wolfi/py3.13-pip@26.0.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "26.0.1-r1", "Arch": "x86_64", "SrcName": "py3-pip", "SrcVersion": "26.0.1-r1", "Licenses": [ "MIT" ], "DependsOn": [ "py3.13-pip-base@26.0.1-r1", "python-3.13-base@3.13.12-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:61443d427de3418ccb77b5972b1b807617221297" }, { "ID": "py3.13-pip-base@26.0.1-r1", "Name": "py3.13-pip-base", "Identifier": { "PURL": "pkg:apk/wolfi/py3.13-pip-base@26.0.1-r1?arch=x86_64\u0026distro=20230201", "UID": "275f9d868f92b088", "BOMRef": "pkg:apk/wolfi/py3.13-pip-base@26.0.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "26.0.1-r1", "Arch": "x86_64", "SrcName": "py3-pip", "SrcVersion": "26.0.1-r1", "Licenses": [ "MIT" ], "DependsOn": [ "py3.13-setuptools@82.0.0-r1", "python-3.13-base@3.13.12-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:7c987010127797c7cb69fd7d9ffd5864682e6c6f" }, { "ID": "py3.13-setuptools@82.0.0-r1", "Name": "py3.13-setuptools", "Identifier": { "PURL": "pkg:apk/wolfi/py3.13-setuptools@82.0.0-r1?arch=x86_64\u0026distro=20230201", "UID": "af442efd1eaf99cc", "BOMRef": "pkg:apk/wolfi/py3.13-setuptools@82.0.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "82.0.0-r1", "Arch": "x86_64", "SrcName": "py3-setuptools", "SrcVersion": "82.0.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "python-3.13-base@3.13.12-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:fa47969b9522e3440e44ac0eb642d810041bf4b2" }, { "ID": "python-3.13@3.13.12-r1", "Name": "python-3.13", "Identifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.13.12-r1", "Arch": "x86_64", "SrcName": "python-3.13", "SrcVersion": "3.13.12-r1", "Licenses": [ "PSF-2.0" ], "DependsOn": [ "python-3.13-base@3.13.12-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:0241e1ce72e390d29f7d306898141c96e0c749cd" }, { "ID": "python-3.13-base@3.13.12-r1", "Name": "python-3.13-base", "Identifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.13.12-r1", "Arch": "x86_64", "SrcName": "python-3.13", "SrcVersion": "3.13.12-r1", "Licenses": [ "PSF-2.0" ], "DependsOn": [ "gdbm@1.26-r2", "glibc@2.43-r1", "ld-linux@2.43-r1", "libbz2-1@1.0.8-r22", "libcrypto3@3.6.1-r1", "libexpat1@2.7.4-r1", "libffi@3.5.2-r1", "libssl3@3.6.1-r1", "libuuid@2.41.3-r3", "mpdecimal@4.0.1-r3", "ncurses@6.6_p20251230-r1", "py3-pip-wheel@26.0.1-r1", "readline@8.3-r1", "sqlite-libs@3.51.1-r0", "xz@5.8.2-r1", "zlib@1.3.2-r0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:d8c899deefcc9a65040c6ba138ed428c7f2f18fe" }, { "ID": "readline@8.3-r1", "Name": "readline", "Identifier": { "PURL": "pkg:apk/wolfi/readline@8.3-r1?arch=x86_64\u0026distro=20230201", "UID": "7440e9c66a02169f", "BOMRef": "pkg:apk/wolfi/readline@8.3-r1?arch=x86_64\u0026distro=20230201" }, "Version": "8.3-r1", "Arch": "x86_64", "SrcName": "readline", "SrcVersion": "8.3-r1", "Licenses": [ "GPL-3.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ncurses@6.6_p20251230-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:bcbe178d5b1edd94ce7b1cb8465e1cda8964a3db" }, { "ID": "sqlite-libs@3.51.1-r0", "Name": "sqlite-libs", "Identifier": { "PURL": "pkg:apk/wolfi/sqlite-libs@3.51.1-r0?arch=x86_64\u0026distro=20230201", "UID": "908f5e322e883ae7", "BOMRef": "pkg:apk/wolfi/sqlite-libs@3.51.1-r0?arch=x86_64\u0026distro=20230201" }, "Version": "3.51.1-r0", "Arch": "x86_64", "SrcName": "sqlite", "SrcVersion": "3.51.1-r0", "Licenses": [ "blessing" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:d0361a0bc6717f9262dbf71e350da24cd1987755" }, { "ID": "supervisor@4.3.0-r0", "Name": "supervisor", "Identifier": { "PURL": "pkg:apk/wolfi/supervisor@4.3.0-r0?arch=x86_64\u0026distro=20230201", "UID": "e00589a5d7a156db", "BOMRef": "pkg:apk/wolfi/supervisor@4.3.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "4.3.0-r0", "Arch": "x86_64", "SrcName": "supervisor", "SrcVersion": "4.3.0-r0", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "py3.13-setuptools@82.0.0-r1", "python-3.13-base@3.13.12-r1", "supervisor-config@4.3.0-r0" ], "Layer": { "Digest": "sha256:ce500f2eb371f935245d1b700d8f6db478734a1844cc350a981fe6bfbdcf3fa7", "DiffID": "sha256:68de260a7ca397c67873261d65c43f20595c2bba29d4e2eb84f1dc8630b662a5" }, "Digest": "sha1:6daf57e1bd2a466563021c6c1d2b726d4f32a659" }, { "ID": "supervisor-config@4.3.0-r0", "Name": "supervisor-config", "Identifier": { "PURL": "pkg:apk/wolfi/supervisor-config@4.3.0-r0?arch=x86_64\u0026distro=20230201", "UID": "dfa614ab54da3388", "BOMRef": "pkg:apk/wolfi/supervisor-config@4.3.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "4.3.0-r0", "Arch": "x86_64", "SrcName": "supervisor", "SrcVersion": "4.3.0-r0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:ce500f2eb371f935245d1b700d8f6db478734a1844cc350a981fe6bfbdcf3fa7", "DiffID": "sha256:68de260a7ca397c67873261d65c43f20595c2bba29d4e2eb84f1dc8630b662a5" }, "Digest": "sha1:9dc25d852bd533a57c94bba2e0649a696c81efae" }, { "ID": "tzdata@2025c-r0", "Name": "tzdata", "Identifier": { "PURL": "pkg:apk/wolfi/tzdata@2025c-r0?arch=x86_64\u0026distro=20230201", "UID": "daa9b6b94838f3d", "BOMRef": "pkg:apk/wolfi/tzdata@2025c-r0?arch=x86_64\u0026distro=20230201" }, "Version": "2025c-r0", "Arch": "x86_64", "SrcName": "tzdata", "SrcVersion": "2025c-r0", "Licenses": [ "CC-PDDC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:2c137e3cd0482cb748f0d5ab1c1907bd2a03598a" }, { "ID": "wolfi-base@1-r7", "Name": "wolfi-base", "Identifier": { "PURL": "pkg:apk/wolfi/wolfi-base@1-r7?arch=x86_64\u0026distro=20230201", "UID": "6f8cf0f66597c990", "BOMRef": "pkg:apk/wolfi/wolfi-base@1-r7?arch=x86_64\u0026distro=20230201" }, "Version": "1-r7", "Arch": "x86_64", "SrcName": "wolfi-base", "SrcVersion": "1-r7", "Licenses": [ "MIT" ], "DependsOn": [ "apk-tools@2.14.10-r10", "busybox@1.37.0-r54", "wolfi-keys@1-r13" ], "Layer": { "Digest": "sha256:cdea145aa11554331de7d95b1834fd4f2a784fa573086475ff0d7c86d3abd020", "DiffID": "sha256:b8195249dcd92d2c0519946f0a9f9d9ec7b88e9a19b5f83bc156103a39d5ab50" }, "Digest": "sha1:e82b5ced3be890350f3a2fb44e41c27929abca1d" }, { "ID": "wolfi-baselayout@20230201-r27", "Name": "wolfi-baselayout", "Identifier": { "PURL": "pkg:apk/wolfi/wolfi-baselayout@20230201-r27?arch=x86_64\u0026distro=20230201", "UID": "57a37cd26a729add", "BOMRef": "pkg:apk/wolfi/wolfi-baselayout@20230201-r27?arch=x86_64\u0026distro=20230201" }, "Version": "20230201-r27", "Arch": "x86_64", "SrcName": "wolfi-baselayout", "SrcVersion": "20230201-r27", "Licenses": [ "MIT" ], "DependsOn": [ "ca-certificates-bundle@20251003-r3" ], "Layer": { "Digest": "sha256:b287abf0b51506c574830a1df8c83ea04b65f96da2d6c71f303f6d994a458b70", "DiffID": "sha256:c38e600be9e3b4d789f0b1f8c9a67b1ff2094481e475a06cea386c5962b57f54" }, "Digest": "sha1:86baca1658b3ab2a62e0e8d8067cce510764ca95" }, { "ID": "wolfi-keys@1-r13", "Name": "wolfi-keys", "Identifier": { "PURL": "pkg:apk/wolfi/wolfi-keys@1-r13?arch=x86_64\u0026distro=20230201", "UID": "6d83bacbf2f192de", "BOMRef": "pkg:apk/wolfi/wolfi-keys@1-r13?arch=x86_64\u0026distro=20230201" }, "Version": "1-r13", "Arch": "x86_64", "SrcName": "wolfi-keys", "SrcVersion": "1-r13", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:cdea145aa11554331de7d95b1834fd4f2a784fa573086475ff0d7c86d3abd020", "DiffID": "sha256:b8195249dcd92d2c0519946f0a9f9d9ec7b88e9a19b5f83bc156103a39d5ab50" }, "Digest": "sha1:c9e9f5b4a87785ae4aae9539e439d85b22c7390d" }, { "ID": "xz@5.8.2-r1", "Name": "xz", "Identifier": { "PURL": "pkg:apk/wolfi/xz@5.8.2-r1?arch=x86_64\u0026distro=20230201", "UID": "bb2f04ce13fecd7", "BOMRef": "pkg:apk/wolfi/xz@5.8.2-r1?arch=x86_64\u0026distro=20230201" }, "Version": "5.8.2-r1", "Arch": "x86_64", "SrcName": "xz", "SrcVersion": "5.8.2-r1", "Licenses": [ "GPL-3.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:a62ac8ca6b6fce65347163e705059c140c679433" }, { "ID": "zlib@1.3.2-r0", "Name": "zlib", "Identifier": { "PURL": "pkg:apk/wolfi/zlib@1.3.2-r0?arch=x86_64\u0026distro=20230201", "UID": "bdf67a1cd00fe2", "BOMRef": "pkg:apk/wolfi/zlib@1.3.2-r0?arch=x86_64\u0026distro=20230201" }, "Version": "1.3.2-r0", "Arch": "x86_64", "SrcName": "zlib", "SrcVersion": "1.3.2-r0", "Licenses": [ "MPL-2.0", "MIT" ], "DependsOn": [ "glibc@2.43-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:83aaad0499db295fc3c418431dc48973d2ad0fc36b83ca041ca7ffd882f799dc", "DiffID": "sha256:09415f6704429bf538351a5149a730bf1f254708ab21586991db5bb27b8907bd" }, "Digest": "sha1:5374a82f6bd86f9b9bfca859ad3bbe6ebcd12c41" } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-4437", "PkgID": "glibc@2.43-r1", "PkgName": "glibc", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "19fc32b613e931a6", "BOMRef": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4437", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:cb1d5b29d009d985f82f03d06d4132b161af53669eb973a9cd306b7830b999d2", "Title": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4437", "https://nvd.nist.gov/vuln/detail/CVE-2026-4437", "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "https://www.cve.org/CVERecord?id=CVE-2026-4437" ], "PublishedDate": "2026-03-20T20:16:49.477Z", "LastModifiedDate": "2026-03-23T16:16:51.537Z" }, { "VulnerabilityID": "CVE-2026-4438", "PkgID": "glibc@2.43-r1", "PkgName": "glibc", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "19fc32b613e931a6", "BOMRef": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4438", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:174617a558bb49cef69e61a65c299ba30b3f10307baf2beab4a24969861bc60a", "Title": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-88" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4438", "https://nvd.nist.gov/vuln/detail/CVE-2026-4438", "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "https://www.cve.org/CVERecord?id=CVE-2026-4438" ], "PublishedDate": "2026-03-20T20:16:49.623Z", "LastModifiedDate": "2026-03-23T15:16:35.68Z" }, { "VulnerabilityID": "CVE-2026-4437", "PkgID": "glibc-locale-posix@2.43-r1", "PkgName": "glibc-locale-posix", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "5e241543b8fe7d0", "BOMRef": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4437", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:dc0c7109b3c700aa202b5293fc1fac458cbdf0582ebe133353f85ec8380a58a5", "Title": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4437", "https://nvd.nist.gov/vuln/detail/CVE-2026-4437", "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "https://www.cve.org/CVERecord?id=CVE-2026-4437" ], "PublishedDate": "2026-03-20T20:16:49.477Z", "LastModifiedDate": "2026-03-23T16:16:51.537Z" }, { "VulnerabilityID": "CVE-2026-4438", "PkgID": "glibc-locale-posix@2.43-r1", "PkgName": "glibc-locale-posix", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "5e241543b8fe7d0", "BOMRef": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4438", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:a513194cb19bc52b838f82fe7b95314f691d08d3c67d8e4d19951f88e2129632", "Title": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-88" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4438", "https://nvd.nist.gov/vuln/detail/CVE-2026-4438", "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "https://www.cve.org/CVERecord?id=CVE-2026-4438" ], "PublishedDate": "2026-03-20T20:16:49.623Z", "LastModifiedDate": "2026-03-23T15:16:35.68Z" }, { "VulnerabilityID": "CVE-2026-4437", "PkgID": "ld-linux@2.43-r1", "PkgName": "ld-linux", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "e85685852da579df", "BOMRef": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4437", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:c3813da0218b7adc813ac5c2ff20fe61bfebb45a933941db6981eb0c18a558c8", "Title": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4437", "https://nvd.nist.gov/vuln/detail/CVE-2026-4437", "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "https://www.cve.org/CVERecord?id=CVE-2026-4437" ], "PublishedDate": "2026-03-20T20:16:49.477Z", "LastModifiedDate": "2026-03-23T16:16:51.537Z" }, { "VulnerabilityID": "CVE-2026-4438", "PkgID": "ld-linux@2.43-r1", "PkgName": "ld-linux", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "e85685852da579df", "BOMRef": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4438", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:45d9bb16087047e4f8255cb273a4542299a2e5877643c502ef4231d7b8c507b5", "Title": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-88" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4438", "https://nvd.nist.gov/vuln/detail/CVE-2026-4438", "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "https://www.cve.org/CVERecord?id=CVE-2026-4438" ], "PublishedDate": "2026-03-20T20:16:49.623Z", "LastModifiedDate": "2026-03-23T15:16:35.68Z" }, { "VulnerabilityID": "CVE-2026-4437", "PkgID": "libcrypt1@2.43-r1", "PkgName": "libcrypt1", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "bf9f632e216bab3", "BOMRef": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4437", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:25a5b0c1c53432bb9d5ece0e46d77103d4870675b7664a39f0dcf45145f914e8", "Title": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4437", "https://nvd.nist.gov/vuln/detail/CVE-2026-4437", "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "https://www.cve.org/CVERecord?id=CVE-2026-4437" ], "PublishedDate": "2026-03-20T20:16:49.477Z", "LastModifiedDate": "2026-03-23T16:16:51.537Z" }, { "VulnerabilityID": "CVE-2026-4438", "PkgID": "libcrypt1@2.43-r1", "PkgName": "libcrypt1", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "bf9f632e216bab3", "BOMRef": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4438", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:5092036aeaf36bb06da768cec38189f461f9cd7af59c17fbf29180f422afde06", "Title": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-88" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4438", "https://nvd.nist.gov/vuln/detail/CVE-2026-4438", "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "https://www.cve.org/CVERecord?id=CVE-2026-4438" ], "PublishedDate": "2026-03-20T20:16:49.623Z", "LastModifiedDate": "2026-03-23T15:16:35.68Z" }, { "VulnerabilityID": "CVE-2026-2673", "PkgID": "libcrypto3@3.6.1-r1", "PkgName": "libcrypto3", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/libcrypto3@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "85aab75953abd74", "BOMRef": "pkg:apk/wolfi/libcrypto3@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.6.1-r1", "FixedVersion": "3.6.1-r3", "Status": "fixed", "Layer": { "Digest": "sha256:02fc55a9c757fa6bcfe11d95fb21dbe82723d434ab5cb91cfedf674fb3eb8267", "DiffID": "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2673", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:31208ab88feb3718209149f7edfcf2918d41a5100783558858b4f78143c797d5", "Title": "openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group", "Description": "Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected\npreferred key exchange group when its key exchange group configuration includes\nthe default by using the 'DEFAULT' keyword.\n\nImpact summary: A less preferred key exchange may be used even when a more\npreferred group is supported by both client and server, if the group\nwas not included among the client's initial predicated keyshares.\nThis will sometimes be the case with the new hybrid post-quantum groups,\nif the client chooses to defer their use until specifically requested by\nthe server.\n\nIf an OpenSSL TLS 1.3 server's configuration uses the 'DEFAULT' keyword to\ninterpolate the built-in default group list into its own configuration, perhaps\nadding or removing specific elements, then an implementation defect causes the\n'DEFAULT' list to lose its 'tuple' structure, and all server-supported groups\nwere treated as a single sufficiently secure 'tuple', with the server not\nsending a Hello Retry Request (HRR) even when a group in a more preferred tuple\nwas mutually supported.\n\nAs a result, the client and server might fail to negotiate a mutually supported\npost-quantum key agreement group, such as 'X25519MLKEM768', if the client's\nconfiguration results in only 'classical' groups (such as 'X25519' being the\nonly ones in the client's initial keyshare prediction).\n\nOpenSSL 3.5 and later support a new syntax for selecting the most preferred TLS\n1.3 key agreement group on TLS servers. The old syntax had a single 'flat'\nlist of groups, and treated all the supported groups as sufficiently secure.\nIf any of the keyshares predicted by the client were supported by the server\nthe most preferred among these was selected, even if other groups supported by\nthe client, but not included in the list of predicted keyshares would have been\nmore preferred, if included.\n\nThe new syntax partitions the groups into distinct 'tuples' of roughly\nequivalent security. Within each tuple the most preferred group included among\nthe client's predicted keyshares is chosen, but if the client supports a group\nfrom a more preferred tuple, but did not predict any corresponding keyshares,\nthe server will ask the client to retry the ClientHello (by issuing a Hello\nRetry Request or HRR) with the most preferred mutually supported group.\n\nThe above works as expected when the server's configuration uses the built-in\ndefault group list, or explicitly defines its own list by directly defining the\nvarious desired groups and group 'tuples'.\n\nNo OpenSSL FIPS modules are affected by this issue, the code in question lies\noutside the FIPS boundary.\n\nOpenSSL 3.6 and 3.5 are vulnerable to this issue.\n\nOpenSSL 3.6 users should upgrade to OpenSSL 3.6.2 once it is released.\nOpenSSL 3.5 users should upgrade to OpenSSL 3.5.6 once it is released.\n\nOpenSSL 3.4, 3.3, 3.0, 1.0.2 and 1.1.1 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-757" ], "VendorSeverity": { "amazon": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/13/3", "https://access.redhat.com/security/cve/CVE-2026-2673", "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f", "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34", "https://nvd.nist.gov/vuln/detail/CVE-2026-2673", "https://openssl-library.org/news/secadv/20260313.txt", "https://www.cve.org/CVERecord?id=CVE-2026-2673" ], "PublishedDate": "2026-03-13T19:54:34.033Z", "LastModifiedDate": "2026-03-17T18:16:15.6Z" }, { "VulnerabilityID": "CVE-2026-2673", "PkgID": "libssl3@3.6.1-r1", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/libssl3@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "2737a9b43318bb67", "BOMRef": "pkg:apk/wolfi/libssl3@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.6.1-r1", "FixedVersion": "3.6.1-r3", "Status": "fixed", "Layer": { "Digest": "sha256:02fc55a9c757fa6bcfe11d95fb21dbe82723d434ab5cb91cfedf674fb3eb8267", "DiffID": "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2673", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:6e90b88a60eb5c84bb7dd96e1739f0e69bd7d48125417de782b2b45bb1480af2", "Title": "openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group", "Description": "Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected\npreferred key exchange group when its key exchange group configuration includes\nthe default by using the 'DEFAULT' keyword.\n\nImpact summary: A less preferred key exchange may be used even when a more\npreferred group is supported by both client and server, if the group\nwas not included among the client's initial predicated keyshares.\nThis will sometimes be the case with the new hybrid post-quantum groups,\nif the client chooses to defer their use until specifically requested by\nthe server.\n\nIf an OpenSSL TLS 1.3 server's configuration uses the 'DEFAULT' keyword to\ninterpolate the built-in default group list into its own configuration, perhaps\nadding or removing specific elements, then an implementation defect causes the\n'DEFAULT' list to lose its 'tuple' structure, and all server-supported groups\nwere treated as a single sufficiently secure 'tuple', with the server not\nsending a Hello Retry Request (HRR) even when a group in a more preferred tuple\nwas mutually supported.\n\nAs a result, the client and server might fail to negotiate a mutually supported\npost-quantum key agreement group, such as 'X25519MLKEM768', if the client's\nconfiguration results in only 'classical' groups (such as 'X25519' being the\nonly ones in the client's initial keyshare prediction).\n\nOpenSSL 3.5 and later support a new syntax for selecting the most preferred TLS\n1.3 key agreement group on TLS servers. The old syntax had a single 'flat'\nlist of groups, and treated all the supported groups as sufficiently secure.\nIf any of the keyshares predicted by the client were supported by the server\nthe most preferred among these was selected, even if other groups supported by\nthe client, but not included in the list of predicted keyshares would have been\nmore preferred, if included.\n\nThe new syntax partitions the groups into distinct 'tuples' of roughly\nequivalent security. Within each tuple the most preferred group included among\nthe client's predicted keyshares is chosen, but if the client supports a group\nfrom a more preferred tuple, but did not predict any corresponding keyshares,\nthe server will ask the client to retry the ClientHello (by issuing a Hello\nRetry Request or HRR) with the most preferred mutually supported group.\n\nThe above works as expected when the server's configuration uses the built-in\ndefault group list, or explicitly defines its own list by directly defining the\nvarious desired groups and group 'tuples'.\n\nNo OpenSSL FIPS modules are affected by this issue, the code in question lies\noutside the FIPS boundary.\n\nOpenSSL 3.6 and 3.5 are vulnerable to this issue.\n\nOpenSSL 3.6 users should upgrade to OpenSSL 3.6.2 once it is released.\nOpenSSL 3.5 users should upgrade to OpenSSL 3.5.6 once it is released.\n\nOpenSSL 3.4, 3.3, 3.0, 1.0.2 and 1.1.1 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-757" ], "VendorSeverity": { "amazon": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/13/3", "https://access.redhat.com/security/cve/CVE-2026-2673", "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f", "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34", "https://nvd.nist.gov/vuln/detail/CVE-2026-2673", "https://openssl-library.org/news/secadv/20260313.txt", "https://www.cve.org/CVERecord?id=CVE-2026-2673" ], "PublishedDate": "2026-03-13T19:54:34.033Z", "LastModifiedDate": "2026-03-17T18:16:15.6Z" }, { "VulnerabilityID": "CVE-2026-27903", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.11.0-r1", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:cc61a6bc20d45b00e1bfbe68f2b6ac209cb946f45587e92b0551ad5bcd9c12fc", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27904", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.11.0-r1", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:b5f4a28e1f007810427b8a3b14e09c5040d9f831d64228f650eebd1e6452b379", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-29786", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.11.0-r2", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:2ecba8ac775578ffd0356da369964490e45ffea617a5f1c1fd06e2cad7ae2c1e", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-33671", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.12.1-r0", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:d60b3c61afd5f76b3fc5b1b7077ec750b00114779f17ed17133dde68b1a9bd06", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33672", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.12.1-r0", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:a2054c899770b599cbb21ded182a8992b987a1d746187bd0c30c01a53ba529e5", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-33750", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.12.1-r0", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:1142941cf124c97e6f711a02f5775ddb16bc789639ee1cd15c4e20b44177b422", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-2673", "PkgID": "openssl@3.6.1-r1", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/openssl@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "7ca336c25485b50d", "BOMRef": "pkg:apk/wolfi/openssl@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.6.1-r1", "FixedVersion": "3.6.1-r3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2673", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:a124872e034711405e1f3f99de9b1a7d786095fb32ede9f08ddd934e5e52cb19", "Title": "openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group", "Description": "Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected\npreferred key exchange group when its key exchange group configuration includes\nthe default by using the 'DEFAULT' keyword.\n\nImpact summary: A less preferred key exchange may be used even when a more\npreferred group is supported by both client and server, if the group\nwas not included among the client's initial predicated keyshares.\nThis will sometimes be the case with the new hybrid post-quantum groups,\nif the client chooses to defer their use until specifically requested by\nthe server.\n\nIf an OpenSSL TLS 1.3 server's configuration uses the 'DEFAULT' keyword to\ninterpolate the built-in default group list into its own configuration, perhaps\nadding or removing specific elements, then an implementation defect causes the\n'DEFAULT' list to lose its 'tuple' structure, and all server-supported groups\nwere treated as a single sufficiently secure 'tuple', with the server not\nsending a Hello Retry Request (HRR) even when a group in a more preferred tuple\nwas mutually supported.\n\nAs a result, the client and server might fail to negotiate a mutually supported\npost-quantum key agreement group, such as 'X25519MLKEM768', if the client's\nconfiguration results in only 'classical' groups (such as 'X25519' being the\nonly ones in the client's initial keyshare prediction).\n\nOpenSSL 3.5 and later support a new syntax for selecting the most preferred TLS\n1.3 key agreement group on TLS servers. The old syntax had a single 'flat'\nlist of groups, and treated all the supported groups as sufficiently secure.\nIf any of the keyshares predicted by the client were supported by the server\nthe most preferred among these was selected, even if other groups supported by\nthe client, but not included in the list of predicted keyshares would have been\nmore preferred, if included.\n\nThe new syntax partitions the groups into distinct 'tuples' of roughly\nequivalent security. Within each tuple the most preferred group included among\nthe client's predicted keyshares is chosen, but if the client supports a group\nfrom a more preferred tuple, but did not predict any corresponding keyshares,\nthe server will ask the client to retry the ClientHello (by issuing a Hello\nRetry Request or HRR) with the most preferred mutually supported group.\n\nThe above works as expected when the server's configuration uses the built-in\ndefault group list, or explicitly defines its own list by directly defining the\nvarious desired groups and group 'tuples'.\n\nNo OpenSSL FIPS modules are affected by this issue, the code in question lies\noutside the FIPS boundary.\n\nOpenSSL 3.6 and 3.5 are vulnerable to this issue.\n\nOpenSSL 3.6 users should upgrade to OpenSSL 3.6.2 once it is released.\nOpenSSL 3.5 users should upgrade to OpenSSL 3.5.6 once it is released.\n\nOpenSSL 3.4, 3.3, 3.0, 1.0.2 and 1.1.1 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-757" ], "VendorSeverity": { "amazon": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/13/3", "https://access.redhat.com/security/cve/CVE-2026-2673", "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f", "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34", "https://nvd.nist.gov/vuln/detail/CVE-2026-2673", "https://openssl-library.org/news/secadv/20260313.txt", "https://www.cve.org/CVERecord?id=CVE-2026-2673" ], "PublishedDate": "2026-03-13T19:54:34.033Z", "LastModifiedDate": "2026-03-17T18:16:15.6Z" }, { "VulnerabilityID": "CVE-2026-4519", "PkgID": "python-3.13@3.13.12-r1", "PkgName": "python-3.13", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r5", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4519", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:42065b9d0314025df53a658c8a912b96368e5cbbdfc82a8eb7e381453b1269cb", "Title": "python: Python: Command-line option injection in webbrowser.open() via crafted URLs", "Description": "The webbrowser.open() API would accept leading dashes in the URL which \ncould be handled as command line options for certain web browsers. New \nbehavior rejects leading dashes. Users are recommended to sanitize URLs \nprior to passing to webbrowser.open().", "Severity": "HIGH", "CweIDs": [ "CWE-20" ], "VendorSeverity": { "alma": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "V3Score": 7.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/20/1", "https://access.redhat.com/errata/RHSA-2026:6286", "https://access.redhat.com/security/cve/CVE-2026-4519", "https://bugzilla.redhat.com/2449649", "https://errata.almalinux.org/9/ALSA-2026-6286.html", "https://github.com/python/cpython/commit/43fe06b96f6a6cf5cfd5bdab20b8649374956866", "https://github.com/python/cpython/commit/82a24a4442312bdcfc4c799885e8b3e00990f02b", "https://github.com/python/cpython/commit/9669a912a0e329c094e992204d6bdb8787024d76", "https://github.com/python/cpython/commit/ad4d5ba32af4d80b0dfa2ba9d8203bfb219e60a5", "https://github.com/python/cpython/commit/cbba6119391112aba9c5aebf7b94aea447922c48", "https://github.com/python/cpython/commit/ceac1efc66516ac387eef2c9a0ce671895b44f03", "https://github.com/python/cpython/issues/143930", "https://github.com/python/cpython/pull/143931", "https://linux.oracle.com/cve/CVE-2026-4519.html", "https://linux.oracle.com/errata/ELSA-2026-6473.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/", "https://nvd.nist.gov/vuln/detail/CVE-2026-4519", "https://www.cve.org/CVERecord?id=CVE-2026-4519" ], "PublishedDate": "2026-03-20T15:16:24.057Z", "LastModifiedDate": "2026-03-25T18:16:33.073Z" }, { "VulnerabilityID": "CVE-2026-3644", "PkgID": "python-3.13@3.13.12-r1", "PkgName": "python-3.13", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r7", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3644", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:b5d1568167a0bdaa70f300f821960b107511cdd7088ab6dfeae9d453db4baf7a", "Title": "cpython: Incomplete control character validation in http.cookies", "Description": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-116" ], "VendorSeverity": { "amazon": 2, "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 5.4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3644", "https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4", "https://github.com/python/cpython/commit/62ceb396fcbe69da1ded3702de586f4072b590dd", "https://github.com/python/cpython/commit/d16ecc6c3626f0e2cc8f08c309c83934e8a979dd", "https://github.com/python/cpython/issues/145599", "https://github.com/python/cpython/pull/145600", "https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/", "https://nvd.nist.gov/vuln/detail/CVE-2026-3644", "https://www.cve.org/CVERecord?id=CVE-2026-3644" ], "PublishedDate": "2026-03-16T18:16:09.907Z", "LastModifiedDate": "2026-03-17T14:20:01.67Z" }, { "VulnerabilityID": "CVE-2026-4224", "PkgID": "python-3.13@3.13.12-r1", "PkgName": "python-3.13", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r7", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4224", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:a0966452e8b333ace70aec1dba282dba6f2578b203fe460d67d0424a2048760a", "Title": "cpython: Stack overflow parsing XML with deeply nested DTD content models", "Description": "When an Expat parser with a registered ElementDeclHandler parses an inline\ndocument type definition containing a deeply nested content model a C stack\noverflow occurs.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/16/4", "https://access.redhat.com/security/cve/CVE-2026-4224", "https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a", "https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3", "https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768", "https://github.com/python/cpython/issues/145986", "https://github.com/python/cpython/pull/145987", "https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/", "https://nvd.nist.gov/vuln/detail/CVE-2026-4224", "https://www.cve.org/CVERecord?id=CVE-2026-4224" ], "PublishedDate": "2026-03-16T18:16:10.07Z", "LastModifiedDate": "2026-03-17T14:20:01.67Z" }, { "VulnerabilityID": "CVE-2026-2297", "PkgID": "python-3.13@3.13.12-r1", "PkgName": "python-3.13", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2297", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:b17166e84baa4d1be1dcaf1a31603f5b0d495d7113817694fef3876f0aa71fb3", "Title": "cpython: CPython: Logging Bypass in Legacy .pyc File Handling", "Description": "The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire.", "Severity": "LOW", "CweIDs": [ "CWE-668" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/05/6", "https://access.redhat.com/security/cve/CVE-2026-2297", "https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e", "https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e", "https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86", "https://github.com/python/cpython/issues/145506", "https://github.com/python/cpython/pull/145507", "https://nvd.nist.gov/vuln/detail/CVE-2026-2297", "https://www.cve.org/CVERecord?id=CVE-2026-2297" ], "PublishedDate": "2026-03-04T23:16:10.757Z", "LastModifiedDate": "2026-03-12T15:16:27.957Z" }, { "VulnerabilityID": "CVE-2026-4519", "PkgID": "python-3.13-base@3.13.12-r1", "PkgName": "python-3.13-base", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r5", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4519", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:158b2840e80b1b543771ccefc6bb4d76474b95a18005a39081167be483480de9", "Title": "python: Python: Command-line option injection in webbrowser.open() via crafted URLs", "Description": "The webbrowser.open() API would accept leading dashes in the URL which \ncould be handled as command line options for certain web browsers. New \nbehavior rejects leading dashes. Users are recommended to sanitize URLs \nprior to passing to webbrowser.open().", "Severity": "HIGH", "CweIDs": [ "CWE-20" ], "VendorSeverity": { "alma": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "V3Score": 7.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/20/1", "https://access.redhat.com/errata/RHSA-2026:6286", "https://access.redhat.com/security/cve/CVE-2026-4519", "https://bugzilla.redhat.com/2449649", "https://errata.almalinux.org/9/ALSA-2026-6286.html", "https://github.com/python/cpython/commit/43fe06b96f6a6cf5cfd5bdab20b8649374956866", "https://github.com/python/cpython/commit/82a24a4442312bdcfc4c799885e8b3e00990f02b", "https://github.com/python/cpython/commit/9669a912a0e329c094e992204d6bdb8787024d76", "https://github.com/python/cpython/commit/ad4d5ba32af4d80b0dfa2ba9d8203bfb219e60a5", "https://github.com/python/cpython/commit/cbba6119391112aba9c5aebf7b94aea447922c48", "https://github.com/python/cpython/commit/ceac1efc66516ac387eef2c9a0ce671895b44f03", "https://github.com/python/cpython/issues/143930", "https://github.com/python/cpython/pull/143931", "https://linux.oracle.com/cve/CVE-2026-4519.html", "https://linux.oracle.com/errata/ELSA-2026-6473.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/", "https://nvd.nist.gov/vuln/detail/CVE-2026-4519", "https://www.cve.org/CVERecord?id=CVE-2026-4519" ], "PublishedDate": "2026-03-20T15:16:24.057Z", "LastModifiedDate": "2026-03-25T18:16:33.073Z" }, { "VulnerabilityID": "CVE-2026-3644", "PkgID": "python-3.13-base@3.13.12-r1", "PkgName": "python-3.13-base", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r7", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3644", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:a7cfc77f8eda8d115561361bb391efc62599431d4077ee51774a4f3368c0252a", "Title": "cpython: Incomplete control character validation in http.cookies", "Description": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-116" ], "VendorSeverity": { "amazon": 2, "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 5.4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3644", "https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4", "https://github.com/python/cpython/commit/62ceb396fcbe69da1ded3702de586f4072b590dd", "https://github.com/python/cpython/commit/d16ecc6c3626f0e2cc8f08c309c83934e8a979dd", "https://github.com/python/cpython/issues/145599", "https://github.com/python/cpython/pull/145600", "https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/", "https://nvd.nist.gov/vuln/detail/CVE-2026-3644", "https://www.cve.org/CVERecord?id=CVE-2026-3644" ], "PublishedDate": "2026-03-16T18:16:09.907Z", "LastModifiedDate": "2026-03-17T14:20:01.67Z" }, { "VulnerabilityID": "CVE-2026-4224", "PkgID": "python-3.13-base@3.13.12-r1", "PkgName": "python-3.13-base", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r7", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4224", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:c1c07ca1820736b1a81d14ad824a5e52c6aca789e33e8ce5009dcd85d5ea64b7", "Title": "cpython: Stack overflow parsing XML with deeply nested DTD content models", "Description": "When an Expat parser with a registered ElementDeclHandler parses an inline\ndocument type definition containing a deeply nested content model a C stack\noverflow occurs.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/16/4", "https://access.redhat.com/security/cve/CVE-2026-4224", "https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a", "https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3", "https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768", "https://github.com/python/cpython/issues/145986", "https://github.com/python/cpython/pull/145987", "https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/", "https://nvd.nist.gov/vuln/detail/CVE-2026-4224", "https://www.cve.org/CVERecord?id=CVE-2026-4224" ], "PublishedDate": "2026-03-16T18:16:10.07Z", "LastModifiedDate": "2026-03-17T14:20:01.67Z" }, { "VulnerabilityID": "CVE-2026-2297", "PkgID": "python-3.13-base@3.13.12-r1", "PkgName": "python-3.13-base", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2297", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:1a77032333a663d3a53745a0638d99733256be7b434a1d7452d36359b02e419b", "Title": "cpython: CPython: Logging Bypass in Legacy .pyc File Handling", "Description": "The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire.", "Severity": "LOW", "CweIDs": [ "CWE-668" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/05/6", "https://access.redhat.com/security/cve/CVE-2026-2297", "https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e", "https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e", "https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86", "https://github.com/python/cpython/issues/145506", "https://github.com/python/cpython/pull/145507", "https://nvd.nist.gov/vuln/detail/CVE-2026-2297", "https://www.cve.org/CVERecord?id=CVE-2026-2297" ], "PublishedDate": "2026-03-04T23:16:10.757Z", "LastModifiedDate": "2026-03-12T15:16:27.957Z" } ] }, { "Target": "Node.js", "Class": "lang-pkgs", "Type": "node-pkg", "Packages": [ { "ID": "@gar/promise-retry@1.0.2", "Name": "@gar/promise-retry", "Identifier": { "PURL": "pkg:npm/%40gar/promise-retry@1.0.2", "UID": "1aaf56ed7c84f070", "BOMRef": "pkg:npm/%40gar/promise-retry@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@gar/promise-retry/package.json", "Digest": "sha1:85c1a6717187a21b3cb7799f0a83c288145dfef2" }, { "ID": "@isaacs/balanced-match@4.0.1", "Name": "@isaacs/balanced-match", "Identifier": { "PURL": "pkg:npm/%40isaacs/balanced-match@4.0.1", "UID": "e4c89442094715c6", "BOMRef": "ce301945-6b1e-492b-99f5-f7bb29e907be" }, "Version": "4.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/balanced-match/package.json", "Digest": "sha1:17c25730c5cb82e1d4ee1c212f2b2588dd5a3781" }, { "ID": "@isaacs/balanced-match@4.0.1", "Name": "@isaacs/balanced-match", "Identifier": { "PURL": "pkg:npm/%40isaacs/balanced-match@4.0.1", "UID": "e38277d983769b9b", "BOMRef": "387ab5de-2f4a-4b95-bd11-ef98df6e1056" }, "Version": "4.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/brace-expansion/node_modules/@isaacs/balanced-match/package.json", "Digest": "sha1:17c25730c5cb82e1d4ee1c212f2b2588dd5a3781" }, { "ID": "@isaacs/balanced-match@4.0.1", "Name": "@isaacs/balanced-match", "Identifier": { "PURL": "pkg:npm/%40isaacs/balanced-match@4.0.1", "UID": "2d5a48da79ad15d5", "BOMRef": "6e7b2a33-7fc1-45b7-917d-7425b10fda6b" }, "Version": "4.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/@isaacs/brace-expansion/node_modules/@isaacs/balanced-match/package.json", "Digest": "sha1:17c25730c5cb82e1d4ee1c212f2b2588dd5a3781" }, { "ID": "@isaacs/brace-expansion@5.0.1", "Name": "@isaacs/brace-expansion", "Identifier": { "PURL": "pkg:npm/%40isaacs/brace-expansion@5.0.1", "UID": "5927d07315815be", "BOMRef": "ceeee8cf-50d2-436b-b4de-5c1fa9ef5e9e" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/brace-expansion/package.json", "Digest": "sha1:582e89e8912ed72319d3768c79b15781164e5594" }, { "ID": "@isaacs/brace-expansion@5.0.1", "Name": "@isaacs/brace-expansion", "Identifier": { "PURL": "pkg:npm/%40isaacs/brace-expansion@5.0.1", "UID": "a792d0ae2c77a080", "BOMRef": "46dc5fb9-da88-4cdf-88df-9957a3bd3640" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/@isaacs/brace-expansion/package.json", "Digest": "sha1:582e89e8912ed72319d3768c79b15781164e5594" }, { "ID": "@isaacs/cliui@9.0.0", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@9.0.0", "UID": "589135b33467437f", "BOMRef": "4d37840d-26c4-406d-9d22-8c8ed8fa1697" }, "Version": "9.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/@isaacs/cliui/package.json", "Digest": "sha1:1ce0188abd4792f8dbcd6fede4f6bfc508a2e3fe" }, { "ID": "@isaacs/cliui@9.0.0", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@9.0.0", "UID": "f4b6e8128aca7524", "BOMRef": "5e2bbd1d-8f87-48d2-8c12-b3028acadf70" }, "Version": "9.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/@isaacs/cliui/package.json", "Digest": "sha1:1ce0188abd4792f8dbcd6fede4f6bfc508a2e3fe" }, { "ID": "@isaacs/cliui@9.0.0", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@9.0.0", "UID": "4a1bf4126931cb39", "BOMRef": "59b7fc1b-9377-43a7-afe5-552c9fb2b6be" }, "Version": "9.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/@isaacs/cliui/package.json", "Digest": "sha1:1ce0188abd4792f8dbcd6fede4f6bfc508a2e3fe" }, { "ID": "@isaacs/cliui@9.0.0", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@9.0.0", "UID": "59491f595768e142", "BOMRef": "ccf4bfa1-58c9-472c-9fcc-2857be1b2bca" }, "Version": "9.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/@isaacs/cliui/package.json", "Digest": "sha1:1ce0188abd4792f8dbcd6fede4f6bfc508a2e3fe" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "5c0738ac3c48dea6", "BOMRef": "b0d4f849-cbbc-4965-bf31-0d124eb4f148" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "1d24bccec51ff7a1", "BOMRef": "6a475dd8-d9ec-47e1-9adb-b96b6d076a41" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "d358f7ba7cd92475", "BOMRef": "785b7112-aa7f-40f2-872b-06799f63ea5a" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "195b5e064d72ac4e", "BOMRef": "db81a8fb-40ef-4179-9f34-74f77e877002" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "8bfd6117ed46c845", "BOMRef": "32de7d2e-93b8-445a-a5bf-0c28df29f7da" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "3a1cc9ef576b2925", "BOMRef": "bc11706b-1920-4d87-94a8-b784bc48207d" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/string-locale-compare@1.1.0", "Name": "@isaacs/string-locale-compare", "Identifier": { "PURL": "pkg:npm/%40isaacs/string-locale-compare@1.1.0", "UID": "7a1d2d36e71f837e", "BOMRef": "6e21bcc7-83bd-4206-a0ee-4eb7a63cfc2d" }, "Version": "1.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/string-locale-compare/package.json", "Digest": "sha1:9dc38644ea6f125e3b06825ff04df5ea22f56094" }, { "ID": "@isaacs/string-locale-compare@1.1.0", "Name": "@isaacs/string-locale-compare", "Identifier": { "PURL": "pkg:npm/%40isaacs/string-locale-compare@1.1.0", "UID": "61f31f4f0b3d24e1", "BOMRef": "7a80b043-3dab-496e-96ed-e349eb9919a2" }, "Version": "1.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@isaacs/string-locale-compare/package.json", "Digest": "sha1:9dc38644ea6f125e3b06825ff04df5ea22f56094" }, { "ID": "@npmcli/agent@4.0.0", "Name": "@npmcli/agent", "Identifier": { "PURL": "pkg:npm/%40npmcli/agent@4.0.0", "UID": "a094c0720362c0a6", "BOMRef": "3573daf2-5703-467a-b7fe-38bd5368ecac" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/agent/package.json", "Digest": "sha1:48e34f21103faf00d9c60756e62dee09494be465" }, { "ID": "@npmcli/agent@4.0.0", "Name": "@npmcli/agent", "Identifier": { "PURL": "pkg:npm/%40npmcli/agent@4.0.0", "UID": "1fda3a299602366", "BOMRef": "1df4a847-0119-401c-811a-74912345f4fc" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/agent/package.json", "Digest": "sha1:48e34f21103faf00d9c60756e62dee09494be465" }, { "ID": "@npmcli/arborist@9.1.10", "Name": "@npmcli/arborist", "Identifier": { "PURL": "pkg:npm/%40npmcli/arborist@9.1.10", "UID": "f40284a133adaf4", "BOMRef": "pkg:npm/%40npmcli/arborist@9.1.10" }, "Version": "9.1.10", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/arborist/package.json", "Digest": "sha1:8e4589e96293dc11053236ce210a3e55de99e7b9" }, { "ID": "@npmcli/arborist@9.4.0", "Name": "@npmcli/arborist", "Identifier": { "PURL": "pkg:npm/%40npmcli/arborist@9.4.0", "UID": "716cf22bad19062b", "BOMRef": "pkg:npm/%40npmcli/arborist@9.4.0" }, "Version": "9.4.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/package.json", "Digest": "sha1:4dffd9d49bb5c28f83f8741799d6368e71ac0d4f" }, { "ID": "@npmcli/config@10.5.0", "Name": "@npmcli/config", "Identifier": { "PURL": "pkg:npm/%40npmcli/config@10.5.0", "UID": "da75acc50e2e85c8", "BOMRef": "pkg:npm/%40npmcli/config@10.5.0" }, "Version": "10.5.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/config/package.json", "Digest": "sha1:3ff7c610ec3542ff18bc54df984f23a2c29f06aa" }, { "ID": "@npmcli/config@10.7.1", "Name": "@npmcli/config", "Identifier": { "PURL": "pkg:npm/%40npmcli/config@10.7.1", "UID": "a3bb955ce5706526", "BOMRef": "pkg:npm/%40npmcli/config@10.7.1" }, "Version": "10.7.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/config/package.json", "Digest": "sha1:779af7712d5765f5b69dc3f99ae8dfb2d6600e1c" }, { "ID": "@npmcli/fs@5.0.0", "Name": "@npmcli/fs", "Identifier": { "PURL": "pkg:npm/%40npmcli/fs@5.0.0", "UID": "4ff93ba69d8f7cb5", "BOMRef": "7d2d4735-3df2-477a-8b7a-46033a700cc3" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/fs/package.json", "Digest": "sha1:3a4053128a62fd9581012b83ef531b95397167e3" }, { "ID": "@npmcli/fs@5.0.0", "Name": "@npmcli/fs", "Identifier": { "PURL": "pkg:npm/%40npmcli/fs@5.0.0", "UID": "46760e15e1c02714", "BOMRef": "8decf956-f642-4aad-8ff5-ff1b7519e1c5" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/fs/package.json", "Digest": "sha1:3a4053128a62fd9581012b83ef531b95397167e3" }, { "ID": "@npmcli/git@7.0.1", "Name": "@npmcli/git", "Identifier": { "PURL": "pkg:npm/%40npmcli/git@7.0.1", "UID": "2e8f3b0e98d318d1", "BOMRef": "pkg:npm/%40npmcli/git@7.0.1" }, "Version": "7.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/git/package.json", "Digest": "sha1:d74915bdb0a742b4c720d33fff12917072da12ab" }, { "ID": "@npmcli/git@7.0.2", "Name": "@npmcli/git", "Identifier": { "PURL": "pkg:npm/%40npmcli/git@7.0.2", "UID": "655c56fbdc7a89d6", "BOMRef": "pkg:npm/%40npmcli/git@7.0.2" }, "Version": "7.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/git/package.json", "Digest": "sha1:3ef6957cc9f0604d0b1b9c368be2d9d562f0a2ca" }, { "ID": "@npmcli/installed-package-contents@4.0.0", "Name": "@npmcli/installed-package-contents", "Identifier": { "PURL": "pkg:npm/%40npmcli/installed-package-contents@4.0.0", "UID": "440a951d557604ce", "BOMRef": "2e6f009b-0ab9-488d-8784-f49f2ed63c84" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/installed-package-contents/package.json", "Digest": "sha1:189051543dd09896a1c31f80390afe0b5306d4c0" }, { "ID": "@npmcli/installed-package-contents@4.0.0", "Name": "@npmcli/installed-package-contents", "Identifier": { "PURL": "pkg:npm/%40npmcli/installed-package-contents@4.0.0", "UID": "d86778c93f96ce61", "BOMRef": "51d9260f-3645-419d-93eb-36a3a6dbeac8" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/installed-package-contents/package.json", "Digest": "sha1:189051543dd09896a1c31f80390afe0b5306d4c0" }, { "ID": "@npmcli/map-workspaces@5.0.3", "Name": "@npmcli/map-workspaces", "Identifier": { "PURL": "pkg:npm/%40npmcli/map-workspaces@5.0.3", "UID": "2a479f041df4627c", "BOMRef": "11b696b1-a14d-4ca9-97cf-50eb27df39cf" }, "Version": "5.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/map-workspaces/package.json", "Digest": "sha1:9b2b024266bb8c342ed0bfbefb1c48a7d9b0c015" }, { "ID": "@npmcli/map-workspaces@5.0.3", "Name": "@npmcli/map-workspaces", "Identifier": { "PURL": "pkg:npm/%40npmcli/map-workspaces@5.0.3", "UID": "a225792cc9c776a0", "BOMRef": "6712bd9b-20e9-4ca0-b709-3a96f18c59d2" }, "Version": "5.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/map-workspaces/package.json", "Digest": "sha1:9b2b024266bb8c342ed0bfbefb1c48a7d9b0c015" }, { "ID": "@npmcli/metavuln-calculator@9.0.3", "Name": "@npmcli/metavuln-calculator", "Identifier": { "PURL": "pkg:npm/%40npmcli/metavuln-calculator@9.0.3", "UID": "659e073175206a55", "BOMRef": "a1cad2f0-b67e-4d1e-bbd9-dec5a0cc41ae" }, "Version": "9.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/metavuln-calculator/package.json", "Digest": "sha1:ef331816f66b624d692f45b26c2e6a910767656c" }, { "ID": "@npmcli/metavuln-calculator@9.0.3", "Name": "@npmcli/metavuln-calculator", "Identifier": { "PURL": "pkg:npm/%40npmcli/metavuln-calculator@9.0.3", "UID": "1ab834fa2f0d60c0", "BOMRef": "46a8f2f7-cb46-434a-bb44-8a0cb777f9bd" }, "Version": "9.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/metavuln-calculator/package.json", "Digest": "sha1:ef331816f66b624d692f45b26c2e6a910767656c" }, { "ID": "@npmcli/name-from-folder@4.0.0", "Name": "@npmcli/name-from-folder", "Identifier": { "PURL": "pkg:npm/%40npmcli/name-from-folder@4.0.0", "UID": "5f07649fc1f022dd", "BOMRef": "29d19983-e9a7-41c0-aeb0-80d747b54a14" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/name-from-folder/package.json", "Digest": "sha1:4d3174b80cc1b257fa96b098c95e27ffaff5b659" }, { "ID": "@npmcli/name-from-folder@4.0.0", "Name": "@npmcli/name-from-folder", "Identifier": { "PURL": "pkg:npm/%40npmcli/name-from-folder@4.0.0", "UID": "97caeeb8a9eeafc8", "BOMRef": "9745c583-1f21-41fd-8ae8-deb44ac5a4b0" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/name-from-folder/package.json", "Digest": "sha1:4d3174b80cc1b257fa96b098c95e27ffaff5b659" }, { "ID": "@npmcli/node-gyp@5.0.0", "Name": "@npmcli/node-gyp", "Identifier": { "PURL": "pkg:npm/%40npmcli/node-gyp@5.0.0", "UID": "df303518bb08ee76", "BOMRef": "224e1519-a28d-446c-8831-a2ba5b054e6c" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/node-gyp/package.json", "Digest": "sha1:c2549c9809a38abb866596530702d0de2c0cdc44" }, { "ID": "@npmcli/node-gyp@5.0.0", "Name": "@npmcli/node-gyp", "Identifier": { "PURL": "pkg:npm/%40npmcli/node-gyp@5.0.0", "UID": "c77652f95ac10f5b", "BOMRef": "f4f944e7-6b93-42f6-a6f7-a87af3d00895" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/node-gyp/package.json", "Digest": "sha1:c2549c9809a38abb866596530702d0de2c0cdc44" }, { "ID": "@npmcli/package-json@7.0.4", "Name": "@npmcli/package-json", "Identifier": { "PURL": "pkg:npm/%40npmcli/package-json@7.0.4", "UID": "43572f916727d9c", "BOMRef": "pkg:npm/%40npmcli/package-json@7.0.4" }, "Version": "7.0.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/package-json/package.json", "Digest": "sha1:765d7c3731b2abc0d33fd2c548968251527de7a4" }, { "ID": "@npmcli/package-json@7.0.5", "Name": "@npmcli/package-json", "Identifier": { "PURL": "pkg:npm/%40npmcli/package-json@7.0.5", "UID": "69fbbb2c0a99db05", "BOMRef": "pkg:npm/%40npmcli/package-json@7.0.5" }, "Version": "7.0.5", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/package-json/package.json", "Digest": "sha1:6f10f890a1dd14676d61faee4d379c06ec93502e" }, { "ID": "@npmcli/promise-spawn@9.0.1", "Name": "@npmcli/promise-spawn", "Identifier": { "PURL": "pkg:npm/%40npmcli/promise-spawn@9.0.1", "UID": "5dd2d796e82e9da", "BOMRef": "e61bce96-93fa-413d-9ef0-862fdac91fe0" }, "Version": "9.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/promise-spawn/package.json", "Digest": "sha1:8cc9163ac59ee91de9240a11723d8701fa80317e" }, { "ID": "@npmcli/promise-spawn@9.0.1", "Name": "@npmcli/promise-spawn", "Identifier": { "PURL": "pkg:npm/%40npmcli/promise-spawn@9.0.1", "UID": "3f85b16eea20f63f", "BOMRef": "5c72b64c-b51c-48c6-af1c-495112ae77e0" }, "Version": "9.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/promise-spawn/package.json", "Digest": "sha1:8cc9163ac59ee91de9240a11723d8701fa80317e" }, { "ID": "@npmcli/query@5.0.0", "Name": "@npmcli/query", "Identifier": { "PURL": "pkg:npm/%40npmcli/query@5.0.0", "UID": "e6f45e607581bd44", "BOMRef": "bf836b23-3963-4a24-89f9-bff5896abfc1" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/query/package.json", "Digest": "sha1:f56866b082e0015fbbe60b12d303c71b778af0e1" }, { "ID": "@npmcli/query@5.0.0", "Name": "@npmcli/query", "Identifier": { "PURL": "pkg:npm/%40npmcli/query@5.0.0", "UID": "53ceb6a37c471490", "BOMRef": "72d19974-9a19-4de5-923c-159bf734b923" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/query/package.json", "Digest": "sha1:f56866b082e0015fbbe60b12d303c71b778af0e1" }, { "ID": "@npmcli/redact@4.0.0", "Name": "@npmcli/redact", "Identifier": { "PURL": "pkg:npm/%40npmcli/redact@4.0.0", "UID": "e9a969cf27b2544f", "BOMRef": "a5d13602-b86a-4938-9fc4-c795ca290744" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/redact/package.json", "Digest": "sha1:e81d178ea5aac085222f1c853a9b42fb0cc96a46" }, { "ID": "@npmcli/redact@4.0.0", "Name": "@npmcli/redact", "Identifier": { "PURL": "pkg:npm/%40npmcli/redact@4.0.0", "UID": "20ad0c1b7cab5739", "BOMRef": "3fae7df0-c1bc-47d3-be57-be1dec8b8496" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/redact/package.json", "Digest": "sha1:e81d178ea5aac085222f1c853a9b42fb0cc96a46" }, { "ID": "@npmcli/run-script@10.0.3", "Name": "@npmcli/run-script", "Identifier": { "PURL": "pkg:npm/%40npmcli/run-script@10.0.3", "UID": "bc1f81aa1e370f1f", "BOMRef": "6fb289a3-f11c-437d-882f-828c0478407b" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/run-script/package.json", "Digest": "sha1:d9a49385f1a06449642c48bcb52f9600898eb65f" }, { "ID": "@npmcli/run-script@10.0.3", "Name": "@npmcli/run-script", "Identifier": { "PURL": "pkg:npm/%40npmcli/run-script@10.0.3", "UID": "d34418696446807e", "BOMRef": "84606476-ac91-4e23-9af2-3c9b3c481671" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/run-script/package.json", "Digest": "sha1:d9a49385f1a06449642c48bcb52f9600898eb65f" }, { "ID": "@prisma/client@5.4.2", "Name": "@prisma/client", "Identifier": { "PURL": "pkg:npm/%40prisma/client@5.4.2", "UID": "9ec7e82f80380279", "BOMRef": "pkg:npm/%40prisma/client@5.4.2" }, "Version": "5.4.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:89c9cfeb56ed9047a91c8dd00f3f366edcf6ebbef3b177a644d756ca718d2e14", "DiffID": "sha256:07fcf3e52c621be9e5ca0b1a145d6d837660b940a703a69f02ad054edd58af5a" }, "FilePath": "root/.cache/prisma-python/binaries/5.4.2/ac9d7041ed77bcc8a8dbd2ab6616b39013829574/node_modules/prisma/prisma-client/package.json", "Digest": "sha1:067a3cf4b08bb66df88691a278bd21a778474e60" }, { "ID": "@prisma/engines@5.4.2", "Name": "@prisma/engines", "Identifier": { "PURL": "pkg:npm/%40prisma/engines@5.4.2", "UID": "5c12e2cb5bcf15db", "BOMRef": "pkg:npm/%40prisma/engines@5.4.2" }, "Version": "5.4.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:89c9cfeb56ed9047a91c8dd00f3f366edcf6ebbef3b177a644d756ca718d2e14", "DiffID": "sha256:07fcf3e52c621be9e5ca0b1a145d6d837660b940a703a69f02ad054edd58af5a" }, "FilePath": "root/.cache/prisma-python/binaries/5.4.2/ac9d7041ed77bcc8a8dbd2ab6616b39013829574/node_modules/@prisma/engines/package.json", "Digest": "sha1:27f640d9b356e0726de8c28f78eb8ad1c8bf1dd9" }, { "ID": "@sigstore/bundle@4.0.0", "Name": "@sigstore/bundle", "Identifier": { "PURL": "pkg:npm/%40sigstore/bundle@4.0.0", "UID": "c5b3afb9a5988412", "BOMRef": "ed6def01-134b-47c9-9f4a-002043b17b9c" }, "Version": "4.0.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/bundle/package.json", "Digest": "sha1:1d6ca2f018ec884e6df5424d8d7fc6818d64c3b4" }, { "ID": "@sigstore/bundle@4.0.0", "Name": "@sigstore/bundle", "Identifier": { "PURL": "pkg:npm/%40sigstore/bundle@4.0.0", "UID": "8f89d45325b12c9c", "BOMRef": "db5a2966-c786-46fe-9d5e-e6563dfe07fe" }, "Version": "4.0.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/bundle/package.json", "Digest": "sha1:1d6ca2f018ec884e6df5424d8d7fc6818d64c3b4" }, { "ID": "@sigstore/core@3.1.0", "Name": "@sigstore/core", "Identifier": { "PURL": "pkg:npm/%40sigstore/core@3.1.0", "UID": "a0822c4f23949ff8", "BOMRef": "223555dc-27f4-47fd-80ed-54c8acff111c" }, "Version": "3.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/core/package.json", "Digest": "sha1:1b171001ef4ffeaaab9d24334adcb37c669acb60" }, { "ID": "@sigstore/core@3.1.0", "Name": "@sigstore/core", "Identifier": { "PURL": "pkg:npm/%40sigstore/core@3.1.0", "UID": "eae8a2b0f85a6146", "BOMRef": "18b1ec81-d015-483c-b0e7-edd2613fdeb2" }, "Version": "3.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/core/package.json", "Digest": "sha1:1b171001ef4ffeaaab9d24334adcb37c669acb60" }, { "ID": "@sigstore/protobuf-specs@0.5.0", "Name": "@sigstore/protobuf-specs", "Identifier": { "PURL": "pkg:npm/%40sigstore/protobuf-specs@0.5.0", "UID": "3335c9616e807845", "BOMRef": "7dd967c9-f214-44cc-9dd8-a417656df85a" }, "Version": "0.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/protobuf-specs/package.json", "Digest": "sha1:883da1dcb03a5b8e4ba41bd5e8db239c9c17392b" }, { "ID": "@sigstore/protobuf-specs@0.5.0", "Name": "@sigstore/protobuf-specs", "Identifier": { "PURL": "pkg:npm/%40sigstore/protobuf-specs@0.5.0", "UID": "62c270632f984f15", "BOMRef": "0575c675-8e28-43b2-964f-af4e06a732f5" }, "Version": "0.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/protobuf-specs/package.json", "Digest": "sha1:883da1dcb03a5b8e4ba41bd5e8db239c9c17392b" }, { "ID": "@sigstore/sign@4.1.0", "Name": "@sigstore/sign", "Identifier": { "PURL": "pkg:npm/%40sigstore/sign@4.1.0", "UID": "6826129b000545f2", "BOMRef": "5a8ccfdd-08da-4210-bdf3-ead3cd509ae7" }, "Version": "4.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/sign/package.json", "Digest": "sha1:191dce764e0717fa6f8ae2e214e69421c6fd5797" }, { "ID": "@sigstore/sign@4.1.0", "Name": "@sigstore/sign", "Identifier": { "PURL": "pkg:npm/%40sigstore/sign@4.1.0", "UID": "2822e9e57ffd9991", "BOMRef": "93087a6b-f7aa-4e4d-8844-9f4073bad845" }, "Version": "4.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/sign/package.json", "Digest": "sha1:191dce764e0717fa6f8ae2e214e69421c6fd5797" }, { "ID": "@sigstore/tuf@4.0.1", "Name": "@sigstore/tuf", "Identifier": { "PURL": "pkg:npm/%40sigstore/tuf@4.0.1", "UID": "f1b7c7f8490d05b6", "BOMRef": "c7f8ca81-90a5-416a-b2a8-fbe3164bd588" }, "Version": "4.0.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/tuf/package.json", "Digest": "sha1:6e166263107e702af9d17595f800a6e6498a7726" }, { "ID": "@sigstore/tuf@4.0.1", "Name": "@sigstore/tuf", "Identifier": { "PURL": "pkg:npm/%40sigstore/tuf@4.0.1", "UID": "1c520ce16f05340", "BOMRef": "5f26749f-acf1-4149-9648-8f569c0f3ddc" }, "Version": "4.0.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/tuf/package.json", "Digest": "sha1:6e166263107e702af9d17595f800a6e6498a7726" }, { "ID": "@sigstore/verify@3.1.0", "Name": "@sigstore/verify", "Identifier": { "PURL": "pkg:npm/%40sigstore/verify@3.1.0", "UID": "3f4292a26e690bd0", "BOMRef": "b147ae95-1e4a-444e-8f5f-410c1a3b698e" }, "Version": "3.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/verify/package.json", "Digest": "sha1:4523305db384269754d0fab04bacf31ca05ad1be" }, { "ID": "@sigstore/verify@3.1.0", "Name": "@sigstore/verify", "Identifier": { "PURL": "pkg:npm/%40sigstore/verify@3.1.0", "UID": "4490cd7690f810f2", "BOMRef": "8546a37c-96ea-4909-9f55-6804935a9da2" }, "Version": "3.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/verify/package.json", "Digest": "sha1:4523305db384269754d0fab04bacf31ca05ad1be" }, { "ID": "@tufjs/canonical-json@2.0.0", "Name": "@tufjs/canonical-json", "Identifier": { "PURL": "pkg:npm/%40tufjs/canonical-json@2.0.0", "UID": "16d6e7eb4969522a", "BOMRef": "dc7ff0d5-3da1-4968-998c-d1359acccbb8" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@tufjs/canonical-json/package.json", "Digest": "sha1:5af11d14b15be3f1dc8a1195100ea60de40325c9" }, { "ID": "@tufjs/canonical-json@2.0.0", "Name": "@tufjs/canonical-json", "Identifier": { "PURL": "pkg:npm/%40tufjs/canonical-json@2.0.0", "UID": "7b1e9cb6e9c5507b", "BOMRef": "5e9d8f92-64c0-40a4-8d69-5d7309231c09" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@tufjs/canonical-json/package.json", "Digest": "sha1:5af11d14b15be3f1dc8a1195100ea60de40325c9" }, { "ID": "@tufjs/models@4.1.0", "Name": "@tufjs/models", "Identifier": { "PURL": "pkg:npm/%40tufjs/models@4.1.0", "UID": "5b943e592f0cd374", "BOMRef": "ee234641-bb82-4701-80e1-69e91ea7bdbc" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@tufjs/models/package.json", "Digest": "sha1:2ac6b88622c667e4c6582d32bbb21276b6781c61" }, { "ID": "@tufjs/models@4.1.0", "Name": "@tufjs/models", "Identifier": { "PURL": "pkg:npm/%40tufjs/models@4.1.0", "UID": "7e07d39fc771a821", "BOMRef": "99ae4ad9-8997-4d8b-b9a6-cb85d45b09b0" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@tufjs/models/package.json", "Digest": "sha1:2ac6b88622c667e4c6582d32bbb21276b6781c61" }, { "ID": "abbrev@4.0.0", "Name": "abbrev", "Identifier": { "PURL": "pkg:npm/abbrev@4.0.0", "UID": "b8b7dd69089fe4cd", "BOMRef": "292a773b-4f9f-49d6-a0a5-b58960d9b6ec" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/abbrev/package.json", "Digest": "sha1:6869bc2da89cbb7aba0c148aefa7e8fc43456128" }, { "ID": "abbrev@4.0.0", "Name": "abbrev", "Identifier": { "PURL": "pkg:npm/abbrev@4.0.0", "UID": "b984f537d2908746", "BOMRef": "40de82ed-f8c3-4377-b7c7-f4b2ec6370f3" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/abbrev/package.json", "Digest": "sha1:6869bc2da89cbb7aba0c148aefa7e8fc43456128" }, { "ID": "agent-base@7.1.4", "Name": "agent-base", "Identifier": { "PURL": "pkg:npm/agent-base@7.1.4", "UID": "f9dd07ba678e9bea", "BOMRef": "78ec4a95-3d66-4339-959f-cd1e76f774c1" }, "Version": "7.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/agent-base/package.json", "Digest": "sha1:126adbedcff6faa6826eca63c75e9193237ab10b" }, { "ID": "agent-base@7.1.4", "Name": "agent-base", "Identifier": { "PURL": "pkg:npm/agent-base@7.1.4", "UID": "e9dfddd396584520", "BOMRef": "f8a4b63c-3153-4947-91ee-b6d623d1609c" }, "Version": "7.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/agent-base/package.json", "Digest": "sha1:126adbedcff6faa6826eca63c75e9193237ab10b" }, { "ID": "ansi-regex@5.0.1", "Name": "ansi-regex", "Identifier": { "PURL": "pkg:npm/ansi-regex@5.0.1", "UID": "81592ede30ac5e4e", "BOMRef": "pkg:npm/ansi-regex@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ansi-regex/package.json", "Digest": "sha1:f1b78e043012e1ab5689d57377093e88f1400677" }, { "ID": "aproba@2.1.0", "Name": "aproba", "Identifier": { "PURL": "pkg:npm/aproba@2.1.0", "UID": "83c2416ebb30a95", "BOMRef": "a561fd80-6789-47b2-a405-c97ff4454ba7" }, "Version": "2.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/aproba/package.json", "Digest": "sha1:1cc57d456b29f580ef93bb2fee5566d3e3285009" }, { "ID": "aproba@2.1.0", "Name": "aproba", "Identifier": { "PURL": "pkg:npm/aproba@2.1.0", "UID": "9ffef02f1fb82989", "BOMRef": "9475505b-d3d6-4ffe-8501-0e5f8a8bb116" }, "Version": "2.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/aproba/package.json", "Digest": "sha1:1cc57d456b29f580ef93bb2fee5566d3e3285009" }, { "ID": "archy@1.0.0", "Name": "archy", "Identifier": { "PURL": "pkg:npm/archy@1.0.0", "UID": "15bc8d0dc508f3f1", "BOMRef": "20dcd3b7-b716-4b13-8c35-28547780f7a7" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/archy/package.json", "Digest": "sha1:3bd81e8f9d8e79057497b7473c6eac4f3d519149" }, { "ID": "archy@1.0.0", "Name": "archy", "Identifier": { "PURL": "pkg:npm/archy@1.0.0", "UID": "6fcf232d2fb17834", "BOMRef": "574e82a9-b1c7-46e9-a5ae-920b95d3697e" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/archy/package.json", "Digest": "sha1:3bd81e8f9d8e79057497b7473c6eac4f3d519149" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "ea493ea3cf66c72e", "BOMRef": "7f1d9833-3c97-4bd2-b347-b934996e7a97" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/minimatch/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "87b916221b61348", "BOMRef": "09eeca97-9435-4817-b934-5d05bc34cccb" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "1abd65ef2e641b24", "BOMRef": "67e42da9-dc1e-426d-8b62-5d3fc11c75c1" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/minimatch/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "5702cd0ccfb39dc3", "BOMRef": "a43c3771-1724-4225-ad59-6e835b4f9f84" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "6b0e51683f8e7c00", "BOMRef": "f9042abf-075e-402d-9dfc-31fb40e39f45" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minimatch/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "bin-links@6.0.0", "Name": "bin-links", "Identifier": { "PURL": "pkg:npm/bin-links@6.0.0", "UID": "8004a39fd1367d6b", "BOMRef": "042f1e79-7921-4f92-9168-281c8f39c15e" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/bin-links/package.json", "Digest": "sha1:93d3777b34117955d6d5e16ab5342b65b8a21d46" }, { "ID": "bin-links@6.0.0", "Name": "bin-links", "Identifier": { "PURL": "pkg:npm/bin-links@6.0.0", "UID": "4cec27c0df943479", "BOMRef": "2ba2f223-912a-4f55-a41c-6be648366ba8" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/bin-links/package.json", "Digest": "sha1:93d3777b34117955d6d5e16ab5342b65b8a21d46" }, { "ID": "binary-extensions@3.1.0", "Name": "binary-extensions", "Identifier": { "PURL": "pkg:npm/binary-extensions@3.1.0", "UID": "6361bfa69cd4eb1", "BOMRef": "8e36aa1f-cda4-4783-83fc-759bcf84236b" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/binary-extensions/package.json", "Digest": "sha1:fd41784d905c4769ecd7a2045234bf3336b20240" }, { "ID": "binary-extensions@3.1.0", "Name": "binary-extensions", "Identifier": { "PURL": "pkg:npm/binary-extensions@3.1.0", "UID": "5f6cdc4c40cf6553", "BOMRef": "2cd333f6-9d6a-4c41-83a1-bc5d0ed94c3e" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/binary-extensions/package.json", "Digest": "sha1:fd41784d905c4769ecd7a2045234bf3336b20240" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "4b48f7610ea4cdde", "BOMRef": "d8b02cde-db7e-409c-a5ec-18a169b0d284" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "9cb4bf71c3b490d8", "BOMRef": "1d8df93f-7a35-45a2-b99c-3a07fb64735a" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "c1f122803d4c7a56", "BOMRef": "40948995-646f-4f41-af92-749140ef80b1" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/minimatch/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "c33880c17f10cc2", "BOMRef": "881a51e6-9c4e-49de-8513-3bea4a09b2a3" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "5fe2690d58dd1cd0", "BOMRef": "42007afd-20f6-4f0d-b966-e61f11fe1836" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "cacache@20.0.3", "Name": "cacache", "Identifier": { "PURL": "pkg:npm/cacache@20.0.3", "UID": "f1e901e9265527a7", "BOMRef": "027dce1c-b775-4c70-8f8c-f56355ad962d" }, "Version": "20.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cacache/package.json", "Digest": "sha1:794ddf6857b8e0a3ab5e8b853a874fedd196d468" }, { "ID": "cacache@20.0.3", "Name": "cacache", "Identifier": { "PURL": "pkg:npm/cacache@20.0.3", "UID": "8ebb8b312070ca1c", "BOMRef": "77e4369f-b437-4691-942b-e1775a4d337a" }, "Version": "20.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/cacache/package.json", "Digest": "sha1:794ddf6857b8e0a3ab5e8b853a874fedd196d468" }, { "ID": "chalk@5.6.2", "Name": "chalk", "Identifier": { "PURL": "pkg:npm/chalk@5.6.2", "UID": "27329ccadf8d6f83", "BOMRef": "0a0c65e3-c83c-40a5-be14-4e431d4fd8ae" }, "Version": "5.6.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/chalk/package.json", "Digest": "sha1:468d2997b68c367664e82a1d1b8bc344c65a52f6" }, { "ID": "chalk@5.6.2", "Name": "chalk", "Identifier": { "PURL": "pkg:npm/chalk@5.6.2", "UID": "1ea6d204088d8aeb", "BOMRef": "77c57957-f202-4b40-b58e-8acd9a59babb" }, "Version": "5.6.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/chalk/package.json", "Digest": "sha1:468d2997b68c367664e82a1d1b8bc344c65a52f6" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "688743bc6f5ac074", "BOMRef": "9046898e-c8ee-4776-bdd4-4f41855af193" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "527fa910c1ab6b13", "BOMRef": "ca662466-edd4-40c8-93e9-2921a623facc" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "119a6bd480f93e66", "BOMRef": "c62478a1-946b-4700-b9ae-8cc10a52b2cd" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "4fe7f3bb10ad59b8", "BOMRef": "0d77db8d-ffe4-4370-9ad3-84aa5161617b" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "7addcfad32b56ebe", "BOMRef": "e0bdfdc0-45ed-49a3-837c-1d1daac071c5" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "17b4a0d26a54bed0", "BOMRef": "91745665-25f9-42bc-a193-170df3f14871" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "ci-info@4.3.1", "Name": "ci-info", "Identifier": { "PURL": "pkg:npm/ci-info@4.3.1", "UID": "664b438a06f70a99", "BOMRef": "pkg:npm/ci-info@4.3.1" }, "Version": "4.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ci-info/package.json", "Digest": "sha1:6b3b12a5534f6e76cb13a851250efc1bb7e5ff21" }, { "ID": "ci-info@4.4.0", "Name": "ci-info", "Identifier": { "PURL": "pkg:npm/ci-info@4.4.0", "UID": "e8faea8cfcc4df9b", "BOMRef": "pkg:npm/ci-info@4.4.0" }, "Version": "4.4.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ci-info/package.json", "Digest": "sha1:e2623b66b993dca3177e444bd44a85376724c11d" }, { "ID": "cidr-regex@5.0.1", "Name": "cidr-regex", "Identifier": { "PURL": "pkg:npm/cidr-regex@5.0.1", "UID": "652dab061deabebe", "BOMRef": "pkg:npm/cidr-regex@5.0.1" }, "Version": "5.0.1", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cidr-regex/package.json", "Digest": "sha1:472161dcb9eaebd9f280a0b36172ba21f93a9b86" }, { "ID": "cidr-regex@5.0.3", "Name": "cidr-regex", "Identifier": { "PURL": "pkg:npm/cidr-regex@5.0.3", "UID": "2bdb81474cb035fe", "BOMRef": "pkg:npm/cidr-regex@5.0.3" }, "Version": "5.0.3", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/cidr-regex/package.json", "Digest": "sha1:e6f201f195a92eda4aa01dca4b73641ac79e1d89" }, { "ID": "cli-columns@4.0.0", "Name": "cli-columns", "Identifier": { "PURL": "pkg:npm/cli-columns@4.0.0", "UID": "ff9e5dbc72e6230b", "BOMRef": "pkg:npm/cli-columns@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cli-columns/package.json", "Digest": "sha1:06c7ce3d82ba512eafa34bab2566bcce77d4beb9" }, { "ID": "cmd-shim@8.0.0", "Name": "cmd-shim", "Identifier": { "PURL": "pkg:npm/cmd-shim@8.0.0", "UID": "6d3b7a2e2cbc5fc7", "BOMRef": "1d9f3ffd-294f-49d0-aa6e-ca7bf9419cc0" }, "Version": "8.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cmd-shim/package.json", "Digest": "sha1:bd1a460fd1e14f3dd73e03a0b21fc6e8bb60bfff" }, { "ID": "cmd-shim@8.0.0", "Name": "cmd-shim", "Identifier": { "PURL": "pkg:npm/cmd-shim@8.0.0", "UID": "29511851c04b24b3", "BOMRef": "6458e48e-f760-48e5-b474-975817918020" }, "Version": "8.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/cmd-shim/package.json", "Digest": "sha1:bd1a460fd1e14f3dd73e03a0b21fc6e8bb60bfff" }, { "ID": "common-ancestor-path@2.0.0", "Name": "common-ancestor-path", "Identifier": { "PURL": "pkg:npm/common-ancestor-path@2.0.0", "UID": "a2b16110820b51d7", "BOMRef": "c9d25aaa-38e2-48e4-88a6-a1af68811894" }, "Version": "2.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/common-ancestor-path/package.json", "Digest": "sha1:8036c99c2d18b8840dc4aa274be9fbe844e9e16f" }, { "ID": "common-ancestor-path@2.0.0", "Name": "common-ancestor-path", "Identifier": { "PURL": "pkg:npm/common-ancestor-path@2.0.0", "UID": "4dc27a0d46071e1c", "BOMRef": "770fcea9-2767-4099-ade3-5d9f7ce4b78c" }, "Version": "2.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/common-ancestor-path/package.json", "Digest": "sha1:8036c99c2d18b8840dc4aa274be9fbe844e9e16f" }, { "ID": "corepack@0.34.6", "Name": "corepack", "Identifier": { "PURL": "pkg:npm/corepack@0.34.6", "UID": "6c36e861656690e3", "BOMRef": "pkg:npm/corepack@0.34.6" }, "Version": "0.34.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/corepack/package.json", "Digest": "sha1:5c7c6859a36c05736c52ecdc731bfa3499ff31fb" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "c7d16a29ab850f92", "BOMRef": "176e9179-9bcb-4fbf-8f0d-aa5d999b1bcd" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/cross-spawn/package.json", "Digest": "sha1:9becaa8ecb51ad9b303dd62369423cb9f287163a" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "ad7694d313c223a0", "BOMRef": "92837de6-a6fc-42d4-8cfa-0cb67fedf73b" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/cross-spawn/package.json", "Digest": "sha1:9becaa8ecb51ad9b303dd62369423cb9f287163a" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "ee08dae51260f055", "BOMRef": "fbd5f5b6-2b23-401b-9da0-66ca5d8acca9" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/cross-spawn/package.json", "Digest": "sha1:9becaa8ecb51ad9b303dd62369423cb9f287163a" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "3869b712c8dceda7", "BOMRef": "98f8d50c-726a-4330-b01e-273693cc2014" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/cross-spawn/package.json", "Digest": "sha1:9becaa8ecb51ad9b303dd62369423cb9f287163a" }, { "ID": "cssesc@3.0.0", "Name": "cssesc", "Identifier": { "PURL": "pkg:npm/cssesc@3.0.0", "UID": "20f6deba8962346a", "BOMRef": "91765d80-aead-4fb8-89af-0287a5995ee2" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cssesc/package.json", "Digest": "sha1:3a37cece4f715e91ef0aed027baea0039bb20087" }, { "ID": "cssesc@3.0.0", "Name": "cssesc", "Identifier": { "PURL": "pkg:npm/cssesc@3.0.0", "UID": "4d4ebd3d0858ed62", "BOMRef": "97f4d599-c35f-434d-9330-618e9a0442f9" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/cssesc/package.json", "Digest": "sha1:3a37cece4f715e91ef0aed027baea0039bb20087" }, { "ID": "debug@4.4.3", "Name": "debug", "Identifier": { "PURL": "pkg:npm/debug@4.4.3", "UID": "eb3a4879cb3b0964", "BOMRef": "218f5cff-a7b5-4d32-8ac5-afa3e68c151b" }, "Version": "4.4.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/debug/package.json", "Digest": "sha1:f1c3de400f61581ce6d6d43f9ec4c456cb8017f7" }, { "ID": "debug@4.4.3", "Name": "debug", "Identifier": { "PURL": "pkg:npm/debug@4.4.3", "UID": "37c82c14a8001e3", "BOMRef": "0112e91f-abec-4c6a-a486-5b3031552f96" }, "Version": "4.4.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/debug/package.json", "Digest": "sha1:f1c3de400f61581ce6d6d43f9ec4c456cb8017f7" }, { "ID": "diff@8.0.3", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@8.0.3", "UID": "48057996e87b8c2d", "BOMRef": "21c3d709-4685-4c7d-94af-f4d337137894" }, "Version": "8.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/diff/package.json", "Digest": "sha1:ee7acad3ce516cc674e0a88afbb6964bb88e355d" }, { "ID": "diff@8.0.3", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@8.0.3", "UID": "4c536e26d57eca4f", "BOMRef": "e463b766-2236-4e9a-83f0-f433617e4f76" }, "Version": "8.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/diff/package.json", "Digest": "sha1:ee7acad3ce516cc674e0a88afbb6964bb88e355d" }, { "ID": "diff@8.0.3", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@8.0.3", "UID": "ee4de04038453118", "BOMRef": "59ea7e0e-a694-4f4a-ba38-077dc18d82bc" }, "Version": "8.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/diff/package.json", "Digest": "sha1:ee7acad3ce516cc674e0a88afbb6964bb88e355d" }, { "ID": "diff@8.0.3", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@8.0.3", "UID": "49a2b8c4aa8ff6f1", "BOMRef": "f7064623-d275-4064-9e5f-736206e795bc" }, "Version": "8.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/diff/package.json", "Digest": "sha1:ee7acad3ce516cc674e0a88afbb6964bb88e355d" }, { "ID": "emoji-regex@8.0.0", "Name": "emoji-regex", "Identifier": { "PURL": "pkg:npm/emoji-regex@8.0.0", "UID": "eed90aa8290314aa", "BOMRef": "pkg:npm/emoji-regex@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/emoji-regex/package.json", "Digest": "sha1:c26fe90da5886724a2676b8e3d5890beeacaad20" }, { "ID": "encoding@0.1.13", "Name": "encoding", "Identifier": { "PURL": "pkg:npm/encoding@0.1.13", "UID": "a4b63cbfce2eff9d", "BOMRef": "pkg:npm/encoding@0.1.13" }, "Version": "0.1.13", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/encoding/package.json", "Digest": "sha1:52b117f2bc3113970224b9dc97b7fc18f7df30ab" }, { "ID": "env-paths@2.2.1", "Name": "env-paths", "Identifier": { "PURL": "pkg:npm/env-paths@2.2.1", "UID": "425bda383571c067", "BOMRef": "3a9b5de1-d13b-4269-8e2b-e7c01d2b8cb6" }, "Version": "2.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/env-paths/package.json", "Digest": "sha1:b5b570f41c1d3e8f251fd06d075cefea4a3449a9" }, { "ID": "env-paths@2.2.1", "Name": "env-paths", "Identifier": { "PURL": "pkg:npm/env-paths@2.2.1", "UID": "3c5c87c4dbfd3147", "BOMRef": "6b1de0d4-928f-452d-8c26-52e5b9e4e4ad" }, "Version": "2.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/env-paths/package.json", "Digest": "sha1:b5b570f41c1d3e8f251fd06d075cefea4a3449a9" }, { "ID": "err-code@2.0.3", "Name": "err-code", "Identifier": { "PURL": "pkg:npm/err-code@2.0.3", "UID": "8bf9756602130d1", "BOMRef": "8cce655c-c435-45e9-86c0-5517f0e61f9d" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/err-code/package.json", "Digest": "sha1:5c7bc63340bc312d1563bb2b369e333e1165ab04" }, { "ID": "err-code@2.0.3", "Name": "err-code", "Identifier": { "PURL": "pkg:npm/err-code@2.0.3", "UID": "7ca0b0c956bac93b", "BOMRef": "6244111e-f6ae-402c-b4f2-47f19b2f3ae7" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/err-code/package.json", "Digest": "sha1:5c7bc63340bc312d1563bb2b369e333e1165ab04" }, { "ID": "exponential-backoff@3.1.3", "Name": "exponential-backoff", "Identifier": { "PURL": "pkg:npm/exponential-backoff@3.1.3", "UID": "f9075690a6d00912", "BOMRef": "a044d887-cda1-4bdb-a57d-d091adf09d53" }, "Version": "3.1.3", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/exponential-backoff/package.json", "Digest": "sha1:ad6dedac96b4754817f15c7f62c6b1d72fa249fe" }, { "ID": "exponential-backoff@3.1.3", "Name": "exponential-backoff", "Identifier": { "PURL": "pkg:npm/exponential-backoff@3.1.3", "UID": "8e27f76e1c5f2498", "BOMRef": "f5d7ce13-0045-43a4-9696-be577a95afe2" }, "Version": "3.1.3", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/exponential-backoff/package.json", "Digest": "sha1:ad6dedac96b4754817f15c7f62c6b1d72fa249fe" }, { "ID": "fastest-levenshtein@1.0.16", "Name": "fastest-levenshtein", "Identifier": { "PURL": "pkg:npm/fastest-levenshtein@1.0.16", "UID": "d64f001c76a98094", "BOMRef": "c0d2b657-47c3-475c-bc7b-c9713aef21a6" }, "Version": "1.0.16", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/fastest-levenshtein/package.json", "Digest": "sha1:3aca1160ba8ff112a40cdfd2c860a5d6cd689391" }, { "ID": "fastest-levenshtein@1.0.16", "Name": "fastest-levenshtein", "Identifier": { "PURL": "pkg:npm/fastest-levenshtein@1.0.16", "UID": "a0200747af29f629", "BOMRef": "9f828bb9-5eec-4798-b011-6f1293de1bfd" }, "Version": "1.0.16", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/fastest-levenshtein/package.json", "Digest": "sha1:3aca1160ba8ff112a40cdfd2c860a5d6cd689391" }, { "ID": "fdir@6.5.0", "Name": "fdir", "Identifier": { "PURL": "pkg:npm/fdir@6.5.0", "UID": "94fb5b1f78497bf9", "BOMRef": "2ee86dfa-1b12-4daf-b3d9-cc28e7f54d4b" }, "Version": "6.5.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/node_modules/fdir/package.json", "Digest": "sha1:87c30edff77dd2a0847ac92b0a76837682d64eb2" }, { "ID": "fdir@6.5.0", "Name": "fdir", "Identifier": { "PURL": "pkg:npm/fdir@6.5.0", "UID": "713be5a822b71de", "BOMRef": "360b65a5-7726-4bd6-ad94-2eb8e757ff6e" }, "Version": "6.5.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/node_modules/fdir/package.json", "Digest": "sha1:87c30edff77dd2a0847ac92b0a76837682d64eb2" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "6d7c0ca8c27b90a7", "BOMRef": "5bc231fd-f62b-4f0b-ac6b-0e06a48130c3" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/foreground-child/package.json", "Digest": "sha1:ca2af14071df0e6084e5797f9fbcf179d51f9e5d" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "8a2753b26e30e066", "BOMRef": "448eab92-421c-4d3d-a2ba-15b1580563ac" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/foreground-child/package.json", "Digest": "sha1:ca2af14071df0e6084e5797f9fbcf179d51f9e5d" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "296374a2a578adc6", "BOMRef": "d59a1294-d615-41a1-a556-54cbdb9d5b67" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/foreground-child/package.json", "Digest": "sha1:ca2af14071df0e6084e5797f9fbcf179d51f9e5d" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "e382d00c038f3795", "BOMRef": "abd524ac-063e-440a-9bb6-5d66e2a99f65" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/foreground-child/package.json", "Digest": "sha1:ca2af14071df0e6084e5797f9fbcf179d51f9e5d" }, { "ID": "fs-minipass@3.0.3", "Name": "fs-minipass", "Identifier": { "PURL": "pkg:npm/fs-minipass@3.0.3", "UID": "b6df3a77a328660c", "BOMRef": "65a1119b-52c3-4c4f-88b8-b403229464ba" }, "Version": "3.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/fs-minipass/package.json", "Digest": "sha1:2e472ead48322dd560133d10f39db20ee5e3fae1" }, { "ID": "fs-minipass@3.0.3", "Name": "fs-minipass", "Identifier": { "PURL": "pkg:npm/fs-minipass@3.0.3", "UID": "bef1828dfcd1e7a7", "BOMRef": "4ef7ef4c-4e40-499d-aebb-65c04f687b6c" }, "Version": "3.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/fs-minipass/package.json", "Digest": "sha1:2e472ead48322dd560133d10f39db20ee5e3fae1" }, { "ID": "glob@11.1.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@11.1.0", "UID": "cb760cae84f2cc0", "BOMRef": "18ce39d6-fc87-4bf5-8096-117eaaf9ce69" }, "Version": "11.1.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/package.json", "Digest": "sha1:9ce880ebacb6a4fc8ce706b0c4e165a74a4810a6" }, { "ID": "glob@11.1.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@11.1.0", "UID": "c7564a8df103236", "BOMRef": "5b465404-3fea-495b-ac2e-28eb7887ae7f" }, "Version": "11.1.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/package.json", "Digest": "sha1:9ce880ebacb6a4fc8ce706b0c4e165a74a4810a6" }, { "ID": "glob@11.1.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@11.1.0", "UID": "a1545055828a28ee", "BOMRef": "e3783484-221b-4a0d-9fef-365ed4315bb7" }, "Version": "11.1.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/package.json", "Digest": "sha1:9ce880ebacb6a4fc8ce706b0c4e165a74a4810a6" }, { "ID": "glob@11.1.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@11.1.0", "UID": "462234cd5f7a1ceb", "BOMRef": "842f9985-e979-4b0d-a0a4-e5dd62dfc58c" }, "Version": "11.1.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/package.json", "Digest": "sha1:9ce880ebacb6a4fc8ce706b0c4e165a74a4810a6" }, { "ID": "graceful-fs@4.2.11", "Name": "graceful-fs", "Identifier": { "PURL": "pkg:npm/graceful-fs@4.2.11", "UID": "8c1f1a8ef8ba3eb6", "BOMRef": "fdf0d0a9-3812-4722-b48c-8fb6bda15b34" }, "Version": "4.2.11", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/graceful-fs/package.json", "Digest": "sha1:21a733b3f7e2ee153041de90fb03d5596934f346" }, { "ID": "graceful-fs@4.2.11", "Name": "graceful-fs", "Identifier": { "PURL": "pkg:npm/graceful-fs@4.2.11", "UID": "b563429f304677e", "BOMRef": "fcacc943-f71f-4869-a812-653df06e3a8a" }, "Version": "4.2.11", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/graceful-fs/package.json", "Digest": "sha1:21a733b3f7e2ee153041de90fb03d5596934f346" }, { "ID": "hosted-git-info@9.0.2", "Name": "hosted-git-info", "Identifier": { "PURL": "pkg:npm/hosted-git-info@9.0.2", "UID": "e0860584ee0815e1", "BOMRef": "1a653ace-8fce-415e-b94b-c4f1be2d1c85" }, "Version": "9.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/hosted-git-info/package.json", "Digest": "sha1:bd2953244687bfff7fdc74a3798a66119f64428e" }, { "ID": "hosted-git-info@9.0.2", "Name": "hosted-git-info", "Identifier": { "PURL": "pkg:npm/hosted-git-info@9.0.2", "UID": "43c3afa9a57badea", "BOMRef": "d74268df-88af-4ddc-99d6-ac8fec2b33a3" }, "Version": "9.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/hosted-git-info/package.json", "Digest": "sha1:bd2953244687bfff7fdc74a3798a66119f64428e" }, { "ID": "http-cache-semantics@4.2.0", "Name": "http-cache-semantics", "Identifier": { "PURL": "pkg:npm/http-cache-semantics@4.2.0", "UID": "24713d4f98b5ff14", "BOMRef": "585c2dff-130d-4432-a0b3-4291d0d0a284" }, "Version": "4.2.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/http-cache-semantics/package.json", "Digest": "sha1:563b0d8af1a9641083e8f6cefbf4259fa845e7ca" }, { "ID": "http-cache-semantics@4.2.0", "Name": "http-cache-semantics", "Identifier": { "PURL": "pkg:npm/http-cache-semantics@4.2.0", "UID": "3cb7d48e452d7d61", "BOMRef": "656c8074-fa1f-475a-8c72-27979b0c9d87" }, "Version": "4.2.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/http-cache-semantics/package.json", "Digest": "sha1:563b0d8af1a9641083e8f6cefbf4259fa845e7ca" }, { "ID": "http-proxy-agent@7.0.2", "Name": "http-proxy-agent", "Identifier": { "PURL": "pkg:npm/http-proxy-agent@7.0.2", "UID": "885513e94843ab82", "BOMRef": "ba5b9d69-ab21-47af-b7d0-61032c8d0d7b" }, "Version": "7.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/http-proxy-agent/package.json", "Digest": "sha1:f8b2b2bf2f3e2f8491496f9efe80b96442a803a9" }, { "ID": "http-proxy-agent@7.0.2", "Name": "http-proxy-agent", "Identifier": { "PURL": "pkg:npm/http-proxy-agent@7.0.2", "UID": "d1c7d40e160adcc7", "BOMRef": "5f6b5e27-fec1-4942-abcb-2b2fe294bb58" }, "Version": "7.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/http-proxy-agent/package.json", "Digest": "sha1:f8b2b2bf2f3e2f8491496f9efe80b96442a803a9" }, { "ID": "https-proxy-agent@7.0.6", "Name": "https-proxy-agent", "Identifier": { "PURL": "pkg:npm/https-proxy-agent@7.0.6", "UID": "afbe11bd21b76860", "BOMRef": "e4b4ae08-78aa-4f6c-a79d-ff49c6bb6fbd" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/https-proxy-agent/package.json", "Digest": "sha1:17ea193ab8be5c579a2d10e9a13bff389858f7e8" }, { "ID": "https-proxy-agent@7.0.6", "Name": "https-proxy-agent", "Identifier": { "PURL": "pkg:npm/https-proxy-agent@7.0.6", "UID": "e63cb4316b7111f0", "BOMRef": "ff536084-421d-4e57-956f-a35febcd6ed4" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/https-proxy-agent/package.json", "Digest": "sha1:17ea193ab8be5c579a2d10e9a13bff389858f7e8" }, { "ID": "iconv-lite@0.6.3", "Name": "iconv-lite", "Identifier": { "PURL": "pkg:npm/iconv-lite@0.6.3", "UID": "7930bacb9ec2ee78", "BOMRef": "pkg:npm/iconv-lite@0.6.3" }, "Version": "0.6.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/iconv-lite/package.json", "Digest": "sha1:a3d90badf75db503f5dd3ff3fb76d120d1424978" }, { "ID": "iconv-lite@0.7.2", "Name": "iconv-lite", "Identifier": { "PURL": "pkg:npm/iconv-lite@0.7.2", "UID": "ee3efc688ec56aed", "BOMRef": "pkg:npm/iconv-lite@0.7.2" }, "Version": "0.7.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/iconv-lite/package.json", "Digest": "sha1:680ec19cf66d40d6c095009f9ee97807151dccd6" }, { "ID": "ignore-walk@8.0.0", "Name": "ignore-walk", "Identifier": { "PURL": "pkg:npm/ignore-walk@8.0.0", "UID": "7af0851bcfbd1dfe", "BOMRef": "bf8b02e6-dc62-48c2-ad40-396dc16ade8d" }, "Version": "8.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ignore-walk/package.json", "Digest": "sha1:48b090250976a784406de6d243cb8221ac357a08" }, { "ID": "ignore-walk@8.0.0", "Name": "ignore-walk", "Identifier": { "PURL": "pkg:npm/ignore-walk@8.0.0", "UID": "9db0363a1623f2c9", "BOMRef": "9e3f3bf0-4e75-48f3-bab8-276a7e59751c" }, "Version": "8.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ignore-walk/package.json", "Digest": "sha1:48b090250976a784406de6d243cb8221ac357a08" }, { "ID": "imurmurhash@0.1.4", "Name": "imurmurhash", "Identifier": { "PURL": "pkg:npm/imurmurhash@0.1.4", "UID": "675d57759e423e19", "BOMRef": "96e4fc2f-59cc-4bdb-9993-d20ea0686ec4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/imurmurhash/package.json", "Digest": "sha1:a28f2b413385af4188c4fc0ad1e0c38c2cd03cf4" }, { "ID": "imurmurhash@0.1.4", "Name": "imurmurhash", "Identifier": { "PURL": "pkg:npm/imurmurhash@0.1.4", "UID": "1ab2459097bac4ac", "BOMRef": "cd5d7d3a-c8cf-407c-bb56-71d177da2f73" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/imurmurhash/package.json", "Digest": "sha1:a28f2b413385af4188c4fc0ad1e0c38c2cd03cf4" }, { "ID": "ini@6.0.0", "Name": "ini", "Identifier": { "PURL": "pkg:npm/ini@6.0.0", "UID": "c7fd9a380d9e1084", "BOMRef": "27824a81-6a42-4094-8995-36b141d86560" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ini/package.json", "Digest": "sha1:5edfb581604a00537da0213d0168236a05a49bf5" }, { "ID": "ini@6.0.0", "Name": "ini", "Identifier": { "PURL": "pkg:npm/ini@6.0.0", "UID": "4ecae9387cda5846", "BOMRef": "ac76c6c6-6bf2-416b-a03d-6a6e6dc71c87" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ini/package.json", "Digest": "sha1:5edfb581604a00537da0213d0168236a05a49bf5" }, { "ID": "init-package-json@8.2.4", "Name": "init-package-json", "Identifier": { "PURL": "pkg:npm/init-package-json@8.2.4", "UID": "b7f324134012dbea", "BOMRef": "pkg:npm/init-package-json@8.2.4" }, "Version": "8.2.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/init-package-json/package.json", "Digest": "sha1:5112f0d23125bc0d7e4c7980385806e8bfeb15ce" }, { "ID": "init-package-json@8.2.5", "Name": "init-package-json", "Identifier": { "PURL": "pkg:npm/init-package-json@8.2.5", "UID": "2b71a362c120aa3a", "BOMRef": "pkg:npm/init-package-json@8.2.5" }, "Version": "8.2.5", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/init-package-json/package.json", "Digest": "sha1:135bdc6d9e7c3b4f96681fa03c2de7f644275cae" }, { "ID": "ip-address@10.1.0", "Name": "ip-address", "Identifier": { "PURL": "pkg:npm/ip-address@10.1.0", "UID": "75fd832573d90210", "BOMRef": "a46073b9-f481-4e4a-a945-a3618ac8b8ab" }, "Version": "10.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ip-address/package.json", "Digest": "sha1:191d8a246dac65b7bb2707c1b08770812e9024e6" }, { "ID": "ip-address@10.1.0", "Name": "ip-address", "Identifier": { "PURL": "pkg:npm/ip-address@10.1.0", "UID": "704dfce7202db419", "BOMRef": "6d86e799-67e6-4b3d-9832-8e1097c51c5d" }, "Version": "10.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ip-address/package.json", "Digest": "sha1:191d8a246dac65b7bb2707c1b08770812e9024e6" }, { "ID": "ip-regex@5.0.0", "Name": "ip-regex", "Identifier": { "PURL": "pkg:npm/ip-regex@5.0.0", "UID": "6d8d72dfe5b30f07", "BOMRef": "pkg:npm/ip-regex@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ip-regex/package.json", "Digest": "sha1:e3ebe61a5855188e86da90f29b0ea8c44793b9f0" }, { "ID": "is-cidr@6.0.1", "Name": "is-cidr", "Identifier": { "PURL": "pkg:npm/is-cidr@6.0.1", "UID": "151571b1634e11a7", "BOMRef": "pkg:npm/is-cidr@6.0.1" }, "Version": "6.0.1", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/is-cidr/package.json", "Digest": "sha1:7ae4aacf966b4f49bd609909796a7700fd8e877d" }, { "ID": "is-cidr@6.0.3", "Name": "is-cidr", "Identifier": { "PURL": "pkg:npm/is-cidr@6.0.3", "UID": "f0eb8228ed165776", "BOMRef": "pkg:npm/is-cidr@6.0.3" }, "Version": "6.0.3", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/is-cidr/package.json", "Digest": "sha1:1542d8b025df8f5b8246fdc01f4fe37c5a065a31" }, { "ID": "is-fullwidth-code-point@3.0.0", "Name": "is-fullwidth-code-point", "Identifier": { "PURL": "pkg:npm/is-fullwidth-code-point@3.0.0", "UID": "59b98550703879a5", "BOMRef": "pkg:npm/is-fullwidth-code-point@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/is-fullwidth-code-point/package.json", "Digest": "sha1:49dbcba3eb3e3cba5b97bce28eb6194775d23c88" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "7a1dc04578b1529e", "BOMRef": "2da90507-8e01-4852-af33-38d591548108" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/isexe/package.json", "Digest": "sha1:3b3eab80c4ffd08eef6b3381b98de7be3649d06b" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "874214f7be3feb64", "BOMRef": "0670f814-bd6f-4b99-b633-af482e9c528e" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/isexe/package.json", "Digest": "sha1:3b3eab80c4ffd08eef6b3381b98de7be3649d06b" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "5794c7939adbabcb", "BOMRef": "6e25ce47-10a1-443b-aed0-384ea7dc729d" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/isexe/package.json", "Digest": "sha1:3b3eab80c4ffd08eef6b3381b98de7be3649d06b" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "e2d9ead8cbf7a4e3", "BOMRef": "6031cc54-4fd7-4099-a1ce-14115a3fb4e4" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/isexe/package.json", "Digest": "sha1:3b3eab80c4ffd08eef6b3381b98de7be3649d06b" }, { "ID": "isexe@3.1.1", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@3.1.1", "UID": "7b18158539570489", "BOMRef": "pkg:npm/isexe@3.1.1" }, "Version": "3.1.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/isexe/package.json", "Digest": "sha1:33fc88b1f05370bb6518291c601cf96cfcafdc3b" }, { "ID": "isexe@4.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@4.0.0", "UID": "54d9f776c6369c73", "BOMRef": "pkg:npm/isexe@4.0.0" }, "Version": "4.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/isexe/package.json", "Digest": "sha1:66620ebb413146985b58e32e2fb7007a46903867" }, { "ID": "jackspeak@4.2.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@4.2.3", "UID": "a2bbb87598eb93b6", "BOMRef": "117645da-e2e8-43fd-bff9-92100327da7b" }, "Version": "4.2.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/jackspeak/package.json", "Digest": "sha1:45d9816050ff7a6de553a418f4a0038a406fe991" }, { "ID": "jackspeak@4.2.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@4.2.3", "UID": "68b50f90af007ef3", "BOMRef": "48038b5d-353d-4940-b661-3450185a6bdb" }, "Version": "4.2.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/jackspeak/package.json", "Digest": "sha1:45d9816050ff7a6de553a418f4a0038a406fe991" }, { "ID": "jackspeak@4.2.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@4.2.3", "UID": "d32015b76dc55598", "BOMRef": "b5c5197b-94fd-4e18-90a2-745b1a22f749" }, "Version": "4.2.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/jackspeak/package.json", "Digest": "sha1:45d9816050ff7a6de553a418f4a0038a406fe991" }, { "ID": "jackspeak@4.2.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@4.2.3", "UID": "433da29d1a18073b", "BOMRef": "82c8a61a-8bc9-4cc8-bedf-56fd9b5378fe" }, "Version": "4.2.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/jackspeak/package.json", "Digest": "sha1:45d9816050ff7a6de553a418f4a0038a406fe991" }, { "ID": "json-parse-even-better-errors@5.0.0", "Name": "json-parse-even-better-errors", "Identifier": { "PURL": "pkg:npm/json-parse-even-better-errors@5.0.0", "UID": "da536827f39877bb", "BOMRef": "c3bbe201-5f12-4190-8460-de29f78c1b0f" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/json-parse-even-better-errors/package.json", "Digest": "sha1:27231975ccc2498cb184ae3e74122f2427ba1a5a" }, { "ID": "json-parse-even-better-errors@5.0.0", "Name": "json-parse-even-better-errors", "Identifier": { "PURL": "pkg:npm/json-parse-even-better-errors@5.0.0", "UID": "1e764c77eed92909", "BOMRef": "3f18a943-da39-4251-9200-012d49076983" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/json-parse-even-better-errors/package.json", "Digest": "sha1:27231975ccc2498cb184ae3e74122f2427ba1a5a" }, { "ID": "json-stringify-nice@1.1.4", "Name": "json-stringify-nice", "Identifier": { "PURL": "pkg:npm/json-stringify-nice@1.1.4", "UID": "e479398ece2d5fbc", "BOMRef": "cc53da8c-7812-453f-a717-02ec08abde46" }, "Version": "1.1.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/json-stringify-nice/package.json", "Digest": "sha1:adef02a4345a493535ccb990b09f850508ae516f" }, { "ID": "json-stringify-nice@1.1.4", "Name": "json-stringify-nice", "Identifier": { "PURL": "pkg:npm/json-stringify-nice@1.1.4", "UID": "54e56218347756f4", "BOMRef": "7917e2aa-1a66-4a83-96cb-954df534368b" }, "Version": "1.1.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/json-stringify-nice/package.json", "Digest": "sha1:adef02a4345a493535ccb990b09f850508ae516f" }, { "ID": "jsonparse@1.3.1", "Name": "jsonparse", "Identifier": { "PURL": "pkg:npm/jsonparse@1.3.1", "UID": "ca92aaac90300843", "BOMRef": "ef070878-95bf-4345-9d6c-bcf3a20e576d" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/jsonparse/package.json", "Digest": "sha1:ec0bb766bf32ebd53d835393da006bb834a663fd" }, { "ID": "jsonparse@1.3.1", "Name": "jsonparse", "Identifier": { "PURL": "pkg:npm/jsonparse@1.3.1", "UID": "e07bf8b71ee663ea", "BOMRef": "4f92799f-f967-48e0-b32f-ce7948473834" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/jsonparse/package.json", "Digest": "sha1:ec0bb766bf32ebd53d835393da006bb834a663fd" }, { "ID": "just-diff@6.0.2", "Name": "just-diff", "Identifier": { "PURL": "pkg:npm/just-diff@6.0.2", "UID": "53faf48bbea843c4", "BOMRef": "50e91d98-e0c5-4f90-a705-c932910d8bce" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/just-diff/package.json", "Digest": "sha1:396a274e87b3ad6a3704a76cf18fbb2a9dd45ada" }, { "ID": "just-diff@6.0.2", "Name": "just-diff", "Identifier": { "PURL": "pkg:npm/just-diff@6.0.2", "UID": "cbd8b0c555bf27ec", "BOMRef": "02c1713d-b1b2-4ca5-806f-a310741a9bd7" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/just-diff/package.json", "Digest": "sha1:396a274e87b3ad6a3704a76cf18fbb2a9dd45ada" }, { "ID": "just-diff-apply@5.5.0", "Name": "just-diff-apply", "Identifier": { "PURL": "pkg:npm/just-diff-apply@5.5.0", "UID": "4ef1fe59d36523fe", "BOMRef": "c834de99-be7c-43aa-9cdb-a8684d5342ee" }, "Version": "5.5.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/just-diff-apply/package.json", "Digest": "sha1:26d39d00f0fc1ddfe4974dbe69691f9c09ad9036" }, { "ID": "just-diff-apply@5.5.0", "Name": "just-diff-apply", "Identifier": { "PURL": "pkg:npm/just-diff-apply@5.5.0", "UID": "b0329facc7de04d4", "BOMRef": "ea2c8a43-c953-4429-9fe5-624bede22d1e" }, "Version": "5.5.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/just-diff-apply/package.json", "Digest": "sha1:26d39d00f0fc1ddfe4974dbe69691f9c09ad9036" }, { "ID": "libnpmaccess@10.0.3", "Name": "libnpmaccess", "Identifier": { "PURL": "pkg:npm/libnpmaccess@10.0.3", "UID": "ef399b583db1e21b", "BOMRef": "15d7f2d3-d1f1-45a4-8b09-f0b669acbb23" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmaccess/package.json", "Digest": "sha1:c1d01036aa963e18b715c0bf3ec1bdad5d39d0be" }, { "ID": "libnpmaccess@10.0.3", "Name": "libnpmaccess", "Identifier": { "PURL": "pkg:npm/libnpmaccess@10.0.3", "UID": "786c86282b3732ca", "BOMRef": "fb5ac325-ceae-4a16-9474-89864d1afbd4" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmaccess/package.json", "Digest": "sha1:88716dc0d2d84c458e7f30e99f7e99188bef59b2" }, { "ID": "libnpmdiff@8.0.13", "Name": "libnpmdiff", "Identifier": { "PURL": "pkg:npm/libnpmdiff@8.0.13", "UID": "a51773329d312024", "BOMRef": "pkg:npm/libnpmdiff@8.0.13" }, "Version": "8.0.13", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmdiff/package.json", "Digest": "sha1:8620167de2c70aed2967dd19f20eb221ce942857" }, { "ID": "libnpmdiff@8.1.3", "Name": "libnpmdiff", "Identifier": { "PURL": "pkg:npm/libnpmdiff@8.1.3", "UID": "4e738d62eba7ad60", "BOMRef": "pkg:npm/libnpmdiff@8.1.3" }, "Version": "8.1.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmdiff/package.json", "Digest": "sha1:7bb2a4470ada74db8b19cff060f9893144dd4fc3" }, { "ID": "libnpmexec@10.1.12", "Name": "libnpmexec", "Identifier": { "PURL": "pkg:npm/libnpmexec@10.1.12", "UID": "f4e97696f900c213", "BOMRef": "pkg:npm/libnpmexec@10.1.12" }, "Version": "10.1.12", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmexec/package.json", "Digest": "sha1:e5309d547a9265c367489cce048a4be7e40cd185" }, { "ID": "libnpmexec@10.2.3", "Name": "libnpmexec", "Identifier": { "PURL": "pkg:npm/libnpmexec@10.2.3", "UID": "a6b0b1a7c19df9dc", "BOMRef": "pkg:npm/libnpmexec@10.2.3" }, "Version": "10.2.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmexec/package.json", "Digest": "sha1:94cef92f6c01a16c2de53b84080083404d010727" }, { "ID": "libnpmfund@7.0.13", "Name": "libnpmfund", "Identifier": { "PURL": "pkg:npm/libnpmfund@7.0.13", "UID": "e105ea7aef2762a6", "BOMRef": "pkg:npm/libnpmfund@7.0.13" }, "Version": "7.0.13", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmfund/package.json", "Digest": "sha1:fcf920f9c673a9dfbeb93483b651e6743d7d2d8d" }, { "ID": "libnpmfund@7.0.17", "Name": "libnpmfund", "Identifier": { "PURL": "pkg:npm/libnpmfund@7.0.17", "UID": "1c4481bad7a540c8", "BOMRef": "pkg:npm/libnpmfund@7.0.17" }, "Version": "7.0.17", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmfund/package.json", "Digest": "sha1:b749fd9bed4a653c4757e73672035120b09c8c4d" }, { "ID": "libnpmorg@8.0.1", "Name": "libnpmorg", "Identifier": { "PURL": "pkg:npm/libnpmorg@8.0.1", "UID": "b0f20d92ed4386db", "BOMRef": "92cdbdd6-34de-42b2-a95b-8e87c021fe21" }, "Version": "8.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmorg/package.json", "Digest": "sha1:bb751a1dee75e700037086efe488eaadcf29345f" }, { "ID": "libnpmorg@8.0.1", "Name": "libnpmorg", "Identifier": { "PURL": "pkg:npm/libnpmorg@8.0.1", "UID": "ac5223f3a08aa89d", "BOMRef": "1b368a48-9aa9-4255-a2b3-ba8787aa738d" }, "Version": "8.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmorg/package.json", "Digest": "sha1:71644ece4c1f7182783fe2ea542ab4a851465845" }, { "ID": "libnpmpack@9.0.13", "Name": "libnpmpack", "Identifier": { "PURL": "pkg:npm/libnpmpack@9.0.13", "UID": "c8c6edbdbe9a9607", "BOMRef": "pkg:npm/libnpmpack@9.0.13" }, "Version": "9.0.13", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmpack/package.json", "Digest": "sha1:221ad8b73551e34d90b0d66be97942cd0e705f50" }, { "ID": "libnpmpack@9.1.3", "Name": "libnpmpack", "Identifier": { "PURL": "pkg:npm/libnpmpack@9.1.3", "UID": "cd518826705c4601", "BOMRef": "pkg:npm/libnpmpack@9.1.3" }, "Version": "9.1.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmpack/package.json", "Digest": "sha1:990291b088743442fc68f01e7867991d37cd527a" }, { "ID": "libnpmpublish@11.1.3", "Name": "libnpmpublish", "Identifier": { "PURL": "pkg:npm/libnpmpublish@11.1.3", "UID": "71caab54a317cc7a", "BOMRef": "4a39470c-90e3-4f20-be18-5defe8ba3d35" }, "Version": "11.1.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmpublish/package.json", "Digest": "sha1:ff82ddefb69c8d63b5a4be420961ed9bc267923d" }, { "ID": "libnpmpublish@11.1.3", "Name": "libnpmpublish", "Identifier": { "PURL": "pkg:npm/libnpmpublish@11.1.3", "UID": "64ba9519bb1f87b9", "BOMRef": "3029226a-e6f7-4ed2-86b8-c0ba260871b6" }, "Version": "11.1.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmpublish/package.json", "Digest": "sha1:f79157562e8ad15b97e33362c5e104f49358c209" }, { "ID": "libnpmsearch@9.0.1", "Name": "libnpmsearch", "Identifier": { "PURL": "pkg:npm/libnpmsearch@9.0.1", "UID": "80812132e7bd3cd7", "BOMRef": "58f42c28-8a2d-4cd5-90b6-fcdc16b42f23" }, "Version": "9.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmsearch/package.json", "Digest": "sha1:839c733ea34fee24f8639d9514b827f20634aa47" }, { "ID": "libnpmsearch@9.0.1", "Name": "libnpmsearch", "Identifier": { "PURL": "pkg:npm/libnpmsearch@9.0.1", "UID": "c65ee388cffca847", "BOMRef": "642b5cc2-cf30-44cc-9e77-3dc8799cf150" }, "Version": "9.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmsearch/package.json", "Digest": "sha1:51c93baa72fc8c35a3195194d066536a133e26d5" }, { "ID": "libnpmteam@8.0.2", "Name": "libnpmteam", "Identifier": { "PURL": "pkg:npm/libnpmteam@8.0.2", "UID": "c43c162931e3c5cc", "BOMRef": "09a1b5e6-432a-4ac1-815f-b8a87c4b0f37" }, "Version": "8.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmteam/package.json", "Digest": "sha1:4638228278157df58223fce221f2b21e99a43351" }, { "ID": "libnpmteam@8.0.2", "Name": "libnpmteam", "Identifier": { "PURL": "pkg:npm/libnpmteam@8.0.2", "UID": "479d3b58eb56bdec", "BOMRef": "0eb35bad-f499-49ef-8fff-b969bdb2003e" }, "Version": "8.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmteam/package.json", "Digest": "sha1:c57610dfde38cf9e325c1cb64f6dcced3ee8af6d" }, { "ID": "libnpmversion@8.0.3", "Name": "libnpmversion", "Identifier": { "PURL": "pkg:npm/libnpmversion@8.0.3", "UID": "4618f8323c627a3b", "BOMRef": "1b2d3feb-f4f1-4d7a-bf9a-1833b3251b1a" }, "Version": "8.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmversion/package.json", "Digest": "sha1:26c9215135593d18d97e7124f32d5644aa62edac" }, { "ID": "libnpmversion@8.0.3", "Name": "libnpmversion", "Identifier": { "PURL": "pkg:npm/libnpmversion@8.0.3", "UID": "9495dec859ef6d62", "BOMRef": "45efeb23-6279-46b3-a480-11bea7cc4a3b" }, "Version": "8.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmversion/package.json", "Digest": "sha1:0526d61c11a1dc3cfdf3014dd303e35be0df0907" }, { "ID": "litellm-dashboard@0.1.0", "Name": "litellm-dashboard", "Identifier": { "PURL": "pkg:npm/litellm-dashboard@0.1.0", "UID": "9814a7a37f4a2ed6", "BOMRef": "pkg:npm/litellm-dashboard@0.1.0" }, "Version": "0.1.0", "Layer": { "Digest": "sha256:9bc527d3ca0651e418611453d924c7075960fd5f2311c55d2ed4f6b792c9045f", "DiffID": "sha256:8e1e20fa39a3b406637c68b5bcff0770fd1deb6f81da5fd2c126bfddd90c76f8" }, "FilePath": "app/ui/litellm-dashboard/package.json", "Digest": "sha1:1a0b5a58c0cc2aa5b38b8ac2ae691c356a19d6dc" }, { "ID": "lru-cache@11.2.4", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.4", "UID": "e86e64636413cd39", "BOMRef": "pkg:npm/lru-cache@11.2.4" }, "Version": "11.2.4", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/lru-cache/package.json", "Digest": "sha1:0d206de7c8ee6fa3afe883a6caf24750ef4b6a56" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "eed94afd186106b1", "BOMRef": "85f3d728-9cb1-4037-a3de-b424c21bc68f" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "852b425516775d3d", "BOMRef": "a81f80d1-f2b6-4423-a605-95c62646ff99" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "f54985dcd20c5517", "BOMRef": "bddb411e-d1bb-4b24-9b98-9af47cb1a596" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "21d34930898ac63c", "BOMRef": "41349b5d-1ce3-4ba1-8929-ddabb50e384e" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "9478a4b02766f175", "BOMRef": "1447e947-5445-48c4-a59e-3abf5a9b7dd2" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "make-fetch-happen@15.0.3", "Name": "make-fetch-happen", "Identifier": { "PURL": "pkg:npm/make-fetch-happen@15.0.3", "UID": "16c327d8f34f0b05", "BOMRef": "pkg:npm/make-fetch-happen@15.0.3" }, "Version": "15.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/make-fetch-happen/package.json", "Digest": "sha1:06b8dc0e17bf93a970739a0ac6845fa168884e8a" }, { "ID": "make-fetch-happen@15.0.4", "Name": "make-fetch-happen", "Identifier": { "PURL": "pkg:npm/make-fetch-happen@15.0.4", "UID": "b655f97327cab974", "BOMRef": "pkg:npm/make-fetch-happen@15.0.4" }, "Version": "15.0.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/make-fetch-happen/package.json", "Digest": "sha1:13079ab7db3997b25ca07cbd6e0a6056676eeee1" }, { "ID": "minimatch@10.2.1", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "f0ee395cbecb017b", "BOMRef": "b41fce54-de22-4183-883c-98da0289653c" }, "Version": "10.2.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/minimatch/package.json", "Digest": "sha1:51f9e760bf99990f544c2aa399bf816a30aaaf9e" }, { "ID": "minimatch@10.2.1", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "9bf781e21f4d0c0", "BOMRef": "4b8162e2-c5c3-412e-b004-3ee7f6ff2c00" }, "Version": "10.2.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/package.json", "Digest": "sha1:51f9e760bf99990f544c2aa399bf816a30aaaf9e" }, { "ID": "minimatch@10.2.1", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "ead8007093e488cd", "BOMRef": "6146bb2a-1e92-41f5-9c2c-839bbfeae446" }, "Version": "10.2.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/minimatch/package.json", "Digest": "sha1:51f9e760bf99990f544c2aa399bf816a30aaaf9e" }, { "ID": "minimatch@10.2.1", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "552ffe6afaa50f4b", "BOMRef": "6a0e3b6b-962b-48e6-bd20-900231f64771" }, "Version": "10.2.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minimatch/package.json", "Digest": "sha1:51f9e760bf99990f544c2aa399bf816a30aaaf9e" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "fd73d695f68eebc", "BOMRef": "01b615fb-f455-4f5c-b072-61a7db147cff" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-flush/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "18fd9681ad78ff2c", "BOMRef": "ff4039bb-26bb-40ab-9632-54791ace747a" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-pipeline/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "4ed3e30d42b2b76", "BOMRef": "84d43aeb-b7ac-42f6-9334-9525d878f910" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-sized/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "7a0048fed9ae80b8", "BOMRef": "63300bee-ea2a-412a-a413-cbb45855b13f" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-flush/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "e741285dd3260241", "BOMRef": "691f8b3a-7800-49dd-baa6-e9aed4baa816" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-pipeline/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@7.1.2", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.2", "UID": "b0c2f070c394654a", "BOMRef": "pkg:npm/minipass@7.1.2" }, "Version": "7.1.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass/package.json", "Digest": "sha1:798df22ae1185484c372b4da30c4d75a0e7ea572" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "c9cf8a87e25edc2b", "BOMRef": "d57ac80b-c0a9-49ea-ba45-04cbaa37844e" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "703d2aa719fdee60", "BOMRef": "95f2627e-4b96-4817-8eaf-b626f2ec7c77" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "51d5115211fb9d26", "BOMRef": "3fb93e7d-a408-4b81-8834-4a2191e7a0b3" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "c5d4261b222417ea", "BOMRef": "592568a1-488f-4fa9-a558-19ec655b3b27" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "ac31ee99a50cf932", "BOMRef": "2a4c6025-9e77-4c80-93d7-12968b3cc539" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "dd98e0afa1c715f9", "BOMRef": "22cf9950-3923-4a06-892a-1827935b6ce0" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "8a868beeac9ffe9e", "BOMRef": "808ccbf3-37ef-497c-a54f-110761bfa264" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "8caab94d41a03e71", "BOMRef": "b966849e-1f30-4ee4-b579-b1bb0a729038" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "29bd81bf28458264", "BOMRef": "59fae46d-37c2-4440-8d16-0f54b6b91db5" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass-collect@2.0.1", "Name": "minipass-collect", "Identifier": { "PURL": "pkg:npm/minipass-collect@2.0.1", "UID": "8996d9f14cd90495", "BOMRef": "81a11850-81bc-46a1-9764-8b6266c43519" }, "Version": "2.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-collect/package.json", "Digest": "sha1:7ca3a77ca7b795148ecee5d9ebbe96e968dddb15" }, { "ID": "minipass-collect@2.0.1", "Name": "minipass-collect", "Identifier": { "PURL": "pkg:npm/minipass-collect@2.0.1", "UID": "892144638a532c7", "BOMRef": "87456ebe-8a82-45a3-ba2f-0b9de5ae0431" }, "Version": "2.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-collect/package.json", "Digest": "sha1:7ca3a77ca7b795148ecee5d9ebbe96e968dddb15" }, { "ID": "minipass-fetch@5.0.0", "Name": "minipass-fetch", "Identifier": { "PURL": "pkg:npm/minipass-fetch@5.0.0", "UID": "8567f7869378323b", "BOMRef": "pkg:npm/minipass-fetch@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-fetch/package.json", "Digest": "sha1:de070b816133f9f9134563f7c6096a4cc99cd139" }, { "ID": "minipass-fetch@5.0.2", "Name": "minipass-fetch", "Identifier": { "PURL": "pkg:npm/minipass-fetch@5.0.2", "UID": "8212c4ba8c274583", "BOMRef": "pkg:npm/minipass-fetch@5.0.2" }, "Version": "5.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-fetch/package.json", "Digest": "sha1:3d9f30e4705201e45528f7bd4d7886f8a98a5ebe" }, { "ID": "minipass-flush@1.0.5", "Name": "minipass-flush", "Identifier": { "PURL": "pkg:npm/minipass-flush@1.0.5", "UID": "77e3360c92c3e070", "BOMRef": "dc3f6875-ce05-4465-9e75-91963e7d76b6" }, "Version": "1.0.5", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-flush/package.json", "Digest": "sha1:c89612a2a9c68141b8271bbc94bcc88067c29790" }, { "ID": "minipass-flush@1.0.5", "Name": "minipass-flush", "Identifier": { "PURL": "pkg:npm/minipass-flush@1.0.5", "UID": "df79109c50a98dc5", "BOMRef": "630eef43-9893-47f6-917e-c7568fabc886" }, "Version": "1.0.5", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-flush/package.json", "Digest": "sha1:c89612a2a9c68141b8271bbc94bcc88067c29790" }, { "ID": "minipass-pipeline@1.2.4", "Name": "minipass-pipeline", "Identifier": { "PURL": "pkg:npm/minipass-pipeline@1.2.4", "UID": "319f11e7c5011630", "BOMRef": "43a63789-2352-4379-bed8-0df03bc98c4e" }, "Version": "1.2.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-pipeline/package.json", "Digest": "sha1:e30c58465801deaceb4b81898e531c75679563b1" }, { "ID": "minipass-pipeline@1.2.4", "Name": "minipass-pipeline", "Identifier": { "PURL": "pkg:npm/minipass-pipeline@1.2.4", "UID": "7427a58acf1820ef", "BOMRef": "de9952c7-7dfb-47fd-b179-6b861a050414" }, "Version": "1.2.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-pipeline/package.json", "Digest": "sha1:e30c58465801deaceb4b81898e531c75679563b1" }, { "ID": "minipass-sized@1.0.3", "Name": "minipass-sized", "Identifier": { "PURL": "pkg:npm/minipass-sized@1.0.3", "UID": "ca5f4229b3d3a949", "BOMRef": "pkg:npm/minipass-sized@1.0.3" }, "Version": "1.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-sized/package.json", "Digest": "sha1:615e0e93dfdbc65b217029380591abc9e9b64136" }, { "ID": "minipass-sized@2.0.0", "Name": "minipass-sized", "Identifier": { "PURL": "pkg:npm/minipass-sized@2.0.0", "UID": "ba8edb6e81751f75", "BOMRef": "pkg:npm/minipass-sized@2.0.0" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-sized/package.json", "Digest": "sha1:c0e70d0d99106c4391afde2f25524f3cb876a1dd" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "6cd3ba867bed0e02", "BOMRef": "9185baca-29c6-4d6b-8753-aec506de00ec" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "7f4f6300feb20e", "BOMRef": "e3718492-b7ee-4ed3-9a46-ce45aaed459b" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "1ac252f6db949ed8", "BOMRef": "8d5f2eb8-5ce3-4435-96e0-dc4543a6d01e" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "f514e73d411ec30d", "BOMRef": "01001cde-7b2e-4971-9a48-5b53925e1bae" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "9e46406a3085fd23", "BOMRef": "30c76bf5-d614-4f04-b6a4-2e95961f4d12" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "49f2577aed65ab95", "BOMRef": "1648bcb2-8377-46f9-8412-8d1d649f71aa" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "ms@2.1.3", "Name": "ms", "Identifier": { "PURL": "pkg:npm/ms@2.1.3", "UID": "d141ade25cd997eb", "BOMRef": "7a2d41cd-9605-42ca-9efc-eab62ebf95b3" }, "Version": "2.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ms/package.json", "Digest": "sha1:c290eb97736177176d071da4ac855ab995685c97" }, { "ID": "ms@2.1.3", "Name": "ms", "Identifier": { "PURL": "pkg:npm/ms@2.1.3", "UID": "456bb5eb8edeef1", "BOMRef": "2fdd984d-40c9-4255-aef5-a3b4465071f7" }, "Version": "2.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ms/package.json", "Digest": "sha1:c290eb97736177176d071da4ac855ab995685c97" }, { "ID": "mute-stream@3.0.0", "Name": "mute-stream", "Identifier": { "PURL": "pkg:npm/mute-stream@3.0.0", "UID": "cce348a5cc57bcd9", "BOMRef": "6c4d39c4-6076-4baf-8fc7-2079e17cacbf" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/mute-stream/package.json", "Digest": "sha1:170b20aad820bb2d67cdb50fe6714c3030eb6961" }, { "ID": "mute-stream@3.0.0", "Name": "mute-stream", "Identifier": { "PURL": "pkg:npm/mute-stream@3.0.0", "UID": "e24c5e0d200e693e", "BOMRef": "2a098284-7c8d-4b17-9d9b-228a09984846" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/mute-stream/package.json", "Digest": "sha1:170b20aad820bb2d67cdb50fe6714c3030eb6961" }, { "ID": "negotiator@1.0.0", "Name": "negotiator", "Identifier": { "PURL": "pkg:npm/negotiator@1.0.0", "UID": "8d48fee9cd92cd1", "BOMRef": "6bf99d95-1079-4d3c-8c65-460bfbfafe58" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/negotiator/package.json", "Digest": "sha1:046524b23a7aefb2b0cfd3ebbd0fd84c0f7df3f6" }, { "ID": "negotiator@1.0.0", "Name": "negotiator", "Identifier": { "PURL": "pkg:npm/negotiator@1.0.0", "UID": "4f66a4074b86f3f4", "BOMRef": "f87afb75-8d27-429a-9833-2d8ae84698db" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/negotiator/package.json", "Digest": "sha1:046524b23a7aefb2b0cfd3ebbd0fd84c0f7df3f6" }, { "ID": "node-gyp@12.1.0", "Name": "node-gyp", "Identifier": { "PURL": "pkg:npm/node-gyp@12.1.0", "UID": "f7975487496a2373", "BOMRef": "pkg:npm/node-gyp@12.1.0" }, "Version": "12.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/node-gyp/package.json", "Digest": "sha1:9ad149cce8b65467fd308c678c38e460e6e61051" }, { "ID": "node-gyp@12.2.0", "Name": "node-gyp", "Identifier": { "PURL": "pkg:npm/node-gyp@12.2.0", "UID": "a5d5c4e17bd454a2", "BOMRef": "pkg:npm/node-gyp@12.2.0" }, "Version": "12.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/node-gyp/package.json", "Digest": "sha1:94024c2f80031bfd4736e8cfc7b7e32b6b83e2d3" }, { "ID": "nopt@9.0.0", "Name": "nopt", "Identifier": { "PURL": "pkg:npm/nopt@9.0.0", "UID": "f5e058ba5c292887", "BOMRef": "f51d140b-14da-4f68-9148-da8efd439206" }, "Version": "9.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/nopt/package.json", "Digest": "sha1:44fa7f32a18abb1dde67088e347d8f7c2bfed87f" }, { "ID": "nopt@9.0.0", "Name": "nopt", "Identifier": { "PURL": "pkg:npm/nopt@9.0.0", "UID": "223dadf404e88512", "BOMRef": "2a74ad96-29b4-4392-8ae6-f3c5ff6ff895" }, "Version": "9.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/nopt/package.json", "Digest": "sha1:44fa7f32a18abb1dde67088e347d8f7c2bfed87f" }, { "ID": "npm@11.11.0", "Name": "npm", "Identifier": { "PURL": "pkg:npm/npm@11.11.0", "UID": "482d9a978e914dcc", "BOMRef": "pkg:npm/npm@11.11.0" }, "Version": "11.11.0", "Licenses": [ "Artistic-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/package.json", "Digest": "sha1:1c4f1b3d9abe22e75b8a6a0af889363b22895c10" }, { "ID": "npm@11.8.0", "Name": "npm", "Identifier": { "PURL": "pkg:npm/npm@11.8.0", "UID": "f2f78709efe4f7d2", "BOMRef": "pkg:npm/npm@11.8.0" }, "Version": "11.8.0", "Licenses": [ "Artistic-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/package.json", "Digest": "sha1:90aee03cea02616588cafa36cd3630d1c1fa8302" }, { "ID": "npm-audit-report@7.0.0", "Name": "npm-audit-report", "Identifier": { "PURL": "pkg:npm/npm-audit-report@7.0.0", "UID": "7bff52d122663279", "BOMRef": "1c2848b8-2dcb-489e-be85-55d5d720c1ef" }, "Version": "7.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-audit-report/package.json", "Digest": "sha1:040167501ae6b37c24bfdfbbd67fcf467d37bdc0" }, { "ID": "npm-audit-report@7.0.0", "Name": "npm-audit-report", "Identifier": { "PURL": "pkg:npm/npm-audit-report@7.0.0", "UID": "83dd5c312b07094c", "BOMRef": "8795873a-124d-47b0-83d5-44b4dc632ec1" }, "Version": "7.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-audit-report/package.json", "Digest": "sha1:040167501ae6b37c24bfdfbbd67fcf467d37bdc0" }, { "ID": "npm-bundled@5.0.0", "Name": "npm-bundled", "Identifier": { "PURL": "pkg:npm/npm-bundled@5.0.0", "UID": "65f605359da161ed", "BOMRef": "007bf0ef-ee05-474d-ba7a-3e7df4b84687" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-bundled/package.json", "Digest": "sha1:9dfb03e07a30a5e91c2d051690fec605e0cad435" }, { "ID": "npm-bundled@5.0.0", "Name": "npm-bundled", "Identifier": { "PURL": "pkg:npm/npm-bundled@5.0.0", "UID": "f3144eff7df47bec", "BOMRef": "d2401589-bf58-403f-95f9-4b3e7d3da6ef" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-bundled/package.json", "Digest": "sha1:9dfb03e07a30a5e91c2d051690fec605e0cad435" }, { "ID": "npm-install-checks@8.0.0", "Name": "npm-install-checks", "Identifier": { "PURL": "pkg:npm/npm-install-checks@8.0.0", "UID": "348b3f0b961b023b", "BOMRef": "ec385791-d417-4fd0-9ca2-cd790e6e21db" }, "Version": "8.0.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-install-checks/package.json", "Digest": "sha1:407654a587e45ad83b936081f22670ebcaec1bc9" }, { "ID": "npm-install-checks@8.0.0", "Name": "npm-install-checks", "Identifier": { "PURL": "pkg:npm/npm-install-checks@8.0.0", "UID": "5ffd43587cfbf1df", "BOMRef": "a9eb3672-9acc-46a1-b5ab-c356e775157b" }, "Version": "8.0.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-install-checks/package.json", "Digest": "sha1:407654a587e45ad83b936081f22670ebcaec1bc9" }, { "ID": "npm-normalize-package-bin@5.0.0", "Name": "npm-normalize-package-bin", "Identifier": { "PURL": "pkg:npm/npm-normalize-package-bin@5.0.0", "UID": "aa44a27457c1d59f", "BOMRef": "959b64c7-ef2b-421d-a6aa-66adf7970351" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-normalize-package-bin/package.json", "Digest": "sha1:e525037807bb400a135f7e1be77c8dc97d78bb96" }, { "ID": "npm-normalize-package-bin@5.0.0", "Name": "npm-normalize-package-bin", "Identifier": { "PURL": "pkg:npm/npm-normalize-package-bin@5.0.0", "UID": "67ebf2f5eac5b527", "BOMRef": "fcc7a02d-df9e-46fb-b7cb-3e4ce94cdd95" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-normalize-package-bin/package.json", "Digest": "sha1:e525037807bb400a135f7e1be77c8dc97d78bb96" }, { "ID": "npm-package-arg@13.0.2", "Name": "npm-package-arg", "Identifier": { "PURL": "pkg:npm/npm-package-arg@13.0.2", "UID": "a0d2ed320dd2fecc", "BOMRef": "f531c3c1-64e5-4149-966f-964d4ab28748" }, "Version": "13.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-package-arg/package.json", "Digest": "sha1:68938fd68043d217f6ca9b6fb63c8a5470a3a589" }, { "ID": "npm-package-arg@13.0.2", "Name": "npm-package-arg", "Identifier": { "PURL": "pkg:npm/npm-package-arg@13.0.2", "UID": "9a4fc9868da0f860", "BOMRef": "53f3c07f-6964-4ce9-b925-741d1a5b2d82" }, "Version": "13.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-package-arg/package.json", "Digest": "sha1:68938fd68043d217f6ca9b6fb63c8a5470a3a589" }, { "ID": "npm-packlist@10.0.3", "Name": "npm-packlist", "Identifier": { "PURL": "pkg:npm/npm-packlist@10.0.3", "UID": "7f3fd03854de87d5", "BOMRef": "pkg:npm/npm-packlist@10.0.3" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-packlist/package.json", "Digest": "sha1:6a3cdda6728c40e4b1b1173cb1d0a53a222807f0" }, { "ID": "npm-packlist@10.0.4", "Name": "npm-packlist", "Identifier": { "PURL": "pkg:npm/npm-packlist@10.0.4", "UID": "89d1ae991b2dfce5", "BOMRef": "pkg:npm/npm-packlist@10.0.4" }, "Version": "10.0.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-packlist/package.json", "Digest": "sha1:cb96034f926a932fb94df071a7165f1fc25ef98d" }, { "ID": "npm-pick-manifest@11.0.3", "Name": "npm-pick-manifest", "Identifier": { "PURL": "pkg:npm/npm-pick-manifest@11.0.3", "UID": "9e0a528c929fdd9", "BOMRef": "3660f52b-227d-4fb3-b57b-c584cdd1d53f" }, "Version": "11.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-pick-manifest/package.json", "Digest": "sha1:da8b96c28cd5be842555739920b3574061b88b89" }, { "ID": "npm-pick-manifest@11.0.3", "Name": "npm-pick-manifest", "Identifier": { "PURL": "pkg:npm/npm-pick-manifest@11.0.3", "UID": "adf4dee8dcb7748b", "BOMRef": "92cfacf5-02c0-47d3-a806-684c5276a43a" }, "Version": "11.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-pick-manifest/package.json", "Digest": "sha1:da8b96c28cd5be842555739920b3574061b88b89" }, { "ID": "npm-profile@12.0.1", "Name": "npm-profile", "Identifier": { "PURL": "pkg:npm/npm-profile@12.0.1", "UID": "a8bbda22e08f001", "BOMRef": "9e1d7b79-998c-4173-8139-3c93e8787b64" }, "Version": "12.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-profile/package.json", "Digest": "sha1:5097ede462b66fae69c6420d7f1812d9ecc24d93" }, { "ID": "npm-profile@12.0.1", "Name": "npm-profile", "Identifier": { "PURL": "pkg:npm/npm-profile@12.0.1", "UID": "e382bb8ce1df8dd3", "BOMRef": "bb37d592-de9a-40f5-88ed-539d8f575594" }, "Version": "12.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-profile/package.json", "Digest": "sha1:5097ede462b66fae69c6420d7f1812d9ecc24d93" }, { "ID": "npm-registry-fetch@19.1.1", "Name": "npm-registry-fetch", "Identifier": { "PURL": "pkg:npm/npm-registry-fetch@19.1.1", "UID": "1224fcdb2cd6bb09", "BOMRef": "b5c73dbe-a0e7-48b2-81b8-f8bbad332c45" }, "Version": "19.1.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-registry-fetch/package.json", "Digest": "sha1:26d6a380dc0d9bf4e36329d53b453d4258834999" }, { "ID": "npm-registry-fetch@19.1.1", "Name": "npm-registry-fetch", "Identifier": { "PURL": "pkg:npm/npm-registry-fetch@19.1.1", "UID": "d763495560725149", "BOMRef": "c1c3f4bb-8413-4ff0-bb2d-54114a8a49ab" }, "Version": "19.1.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-registry-fetch/package.json", "Digest": "sha1:26d6a380dc0d9bf4e36329d53b453d4258834999" }, { "ID": "npm-user-validate@4.0.0", "Name": "npm-user-validate", "Identifier": { "PURL": "pkg:npm/npm-user-validate@4.0.0", "UID": "9f0070311e1f481b", "BOMRef": "0a63abf4-252b-422d-90af-626d521e2235" }, "Version": "4.0.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-user-validate/package.json", "Digest": "sha1:55bda8b4785869e477f5f02d1e9b0134bd86267f" }, { "ID": "npm-user-validate@4.0.0", "Name": "npm-user-validate", "Identifier": { "PURL": "pkg:npm/npm-user-validate@4.0.0", "UID": "a0bc9d9d02072ad2", "BOMRef": "f23e09be-86ef-42bf-bf1b-76ff6a127ac1" }, "Version": "4.0.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-user-validate/package.json", "Digest": "sha1:55bda8b4785869e477f5f02d1e9b0134bd86267f" }, { "ID": "p-map@7.0.4", "Name": "p-map", "Identifier": { "PURL": "pkg:npm/p-map@7.0.4", "UID": "a5c50bf501290e62", "BOMRef": "44992f9c-442a-4b55-a038-294c740a9628" }, "Version": "7.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/p-map/package.json", "Digest": "sha1:f7afd4bd0f710b2b0c099a22a646cda6fb927688" }, { "ID": "p-map@7.0.4", "Name": "p-map", "Identifier": { "PURL": "pkg:npm/p-map@7.0.4", "UID": "a25230553b06e1bb", "BOMRef": "d0bda899-4530-47f6-a4ca-5aa60d647e13" }, "Version": "7.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/p-map/package.json", "Digest": "sha1:f7afd4bd0f710b2b0c099a22a646cda6fb927688" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "dfae5b33bbe14774", "BOMRef": "a983a8c9-7b1f-4d46-9b2b-d2438792b556" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/package-json-from-dist/package.json", "Digest": "sha1:d93947bd52021bb5f785613249e0e198a3b48025" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "e09d377d273c6160", "BOMRef": "7a0f33f1-4873-4ba8-a7a7-047cf468ee78" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/package-json-from-dist/package.json", "Digest": "sha1:d93947bd52021bb5f785613249e0e198a3b48025" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "8af58fce5095a43e", "BOMRef": "ead58c0f-5668-46bb-bb52-f65afda75aa6" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/package-json-from-dist/package.json", "Digest": "sha1:d93947bd52021bb5f785613249e0e198a3b48025" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "bec483cc2f4861a5", "BOMRef": "ccf7293b-563f-41ba-a62d-ff48808be52e" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/package-json-from-dist/package.json", "Digest": "sha1:d93947bd52021bb5f785613249e0e198a3b48025" }, { "ID": "pacote@21.0.4", "Name": "pacote", "Identifier": { "PURL": "pkg:npm/pacote@21.0.4", "UID": "c4dbdfd8eccd4ab2", "BOMRef": "pkg:npm/pacote@21.0.4" }, "Version": "21.0.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/pacote/package.json", "Digest": "sha1:50daecc71eeca347e0ed1b031bd1ce69eebd22b0" }, { "ID": "pacote@21.4.0", "Name": "pacote", "Identifier": { "PURL": "pkg:npm/pacote@21.4.0", "UID": "e9a9d58c225db719", "BOMRef": "pkg:npm/pacote@21.4.0" }, "Version": "21.4.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/pacote/package.json", "Digest": "sha1:c83c4e5a82376a1bd201f893b24e09897ba0817a" }, { "ID": "parse-conflict-json@5.0.1", "Name": "parse-conflict-json", "Identifier": { "PURL": "pkg:npm/parse-conflict-json@5.0.1", "UID": "10bb17ef66d04605", "BOMRef": "8e3bd55e-d666-4079-a02a-433c6ea1ecc1" }, "Version": "5.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/parse-conflict-json/package.json", "Digest": "sha1:9665d46107a1ad4846912f83ee204314dfe18f6a" }, { "ID": "parse-conflict-json@5.0.1", "Name": "parse-conflict-json", "Identifier": { "PURL": "pkg:npm/parse-conflict-json@5.0.1", "UID": "800f94586ec24087", "BOMRef": "af6ac0a6-7970-406d-93d3-deb6a41468b8" }, "Version": "5.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/parse-conflict-json/package.json", "Digest": "sha1:9665d46107a1ad4846912f83ee204314dfe18f6a" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "779e934319f85fd9", "BOMRef": "e63922d0-dd19-478a-9d5b-b2372e5c7602" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/path-key/package.json", "Digest": "sha1:f330c46f59dbdd92dddf8a2cfc2c1569b469bdd2" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "c7598109f5a4ed70", "BOMRef": "7c551bb5-0a01-4e8b-ac6a-4734ac4f52f1" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/path-key/package.json", "Digest": "sha1:f330c46f59dbdd92dddf8a2cfc2c1569b469bdd2" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "a3b79234708ad04", "BOMRef": "f6b835aa-d3df-48a8-a785-0178e162cfe9" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/path-key/package.json", "Digest": "sha1:f330c46f59dbdd92dddf8a2cfc2c1569b469bdd2" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "a94273c0d844a4fd", "BOMRef": "4016131b-2ca8-4df4-b73c-163b0a210e8c" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/path-key/package.json", "Digest": "sha1:f330c46f59dbdd92dddf8a2cfc2c1569b469bdd2" }, { "ID": "path-scurry@2.0.1", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.1", "UID": "f8ddaeb08d246c70", "BOMRef": "pkg:npm/path-scurry@2.0.1" }, "Version": "2.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/path-scurry/package.json", "Digest": "sha1:e76f88f36b2a9decd23e2a1635afba30de8f1809" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "803620f032e7efe7", "BOMRef": "ffc26391-3501-45b0-9270-76827e0f14fa" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "c69a221d511004e", "BOMRef": "ba7111c3-0c64-403f-8da7-7584666bdcd0" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "165f4901fd5b8f3d", "BOMRef": "177d9709-41e4-44c2-9d8d-5266d14b7659" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "c0d8143d3ffb26d6", "BOMRef": "8ac7164f-239e-4793-9b47-4e7205b5e5cb" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "1983f4c305a2592a", "BOMRef": "20c3a7cc-7f64-4caa-a41c-4725a6e35cb7" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "picomatch@4.0.3", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "cfe4c3325bd5aac8", "BOMRef": "0051fd5f-ab67-4b23-8947-61604cd155cd" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "Digest": "sha1:d5b57c1efc38eb0545dbf3eaffe857ba94597f07" }, { "ID": "picomatch@4.0.3", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "78f6e7c10d834b6d", "BOMRef": "c8e640ff-8f05-42db-86d9-89df3fdd09e1" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "Digest": "sha1:d5b57c1efc38eb0545dbf3eaffe857ba94597f07" }, { "ID": "postcss-selector-parser@7.1.1", "Name": "postcss-selector-parser", "Identifier": { "PURL": "pkg:npm/postcss-selector-parser@7.1.1", "UID": "f93a1bb46a071d24", "BOMRef": "5a54de32-0a03-400d-beb8-f61b8742de6a" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/postcss-selector-parser/package.json", "Digest": "sha1:97ad05d49550a0c52b32de253cc8fe8e6241b987" }, { "ID": "postcss-selector-parser@7.1.1", "Name": "postcss-selector-parser", "Identifier": { "PURL": "pkg:npm/postcss-selector-parser@7.1.1", "UID": "31ae5adee79b460f", "BOMRef": "3b5f0995-2203-4047-85bd-dcfa84921e03" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/postcss-selector-parser/package.json", "Digest": "sha1:97ad05d49550a0c52b32de253cc8fe8e6241b987" }, { "ID": "prisma@5.4.2", "Name": "prisma", "Identifier": { "PURL": "pkg:npm/prisma@5.4.2", "UID": "c2001ba392128a6c", "BOMRef": "pkg:npm/prisma@5.4.2" }, "Version": "5.4.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:89c9cfeb56ed9047a91c8dd00f3f366edcf6ebbef3b177a644d756ca718d2e14", "DiffID": "sha256:07fcf3e52c621be9e5ca0b1a145d6d837660b940a703a69f02ad054edd58af5a" }, "FilePath": "root/.cache/prisma-python/binaries/5.4.2/ac9d7041ed77bcc8a8dbd2ab6616b39013829574/node_modules/prisma/package.json", "Digest": "sha1:233149234d81830aa27b624c884739e1f8c7498b" }, { "ID": "prisma-binaries@1.0.0", "Name": "prisma-binaries", "Identifier": { "PURL": "pkg:npm/prisma-binaries@1.0.0", "UID": "46b5eeb4683c5a88", "BOMRef": "pkg:npm/prisma-binaries@1.0.0" }, "Version": "1.0.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:89c9cfeb56ed9047a91c8dd00f3f366edcf6ebbef3b177a644d756ca718d2e14", "DiffID": "sha256:07fcf3e52c621be9e5ca0b1a145d6d837660b940a703a69f02ad054edd58af5a" }, "FilePath": "root/.cache/prisma-python/binaries/5.4.2/ac9d7041ed77bcc8a8dbd2ab6616b39013829574/package.json", "Digest": "sha1:13da9e1561789f778831c4ebefed1268d740601d" }, { "ID": "proc-log@6.1.0", "Name": "proc-log", "Identifier": { "PURL": "pkg:npm/proc-log@6.1.0", "UID": "5f90a4dc7baeb81e", "BOMRef": "fa279394-e907-4c0d-833e-79afb19cd877" }, "Version": "6.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/proc-log/package.json", "Digest": "sha1:1be791ec94791bad88368bd320e09768d19af950" }, { "ID": "proc-log@6.1.0", "Name": "proc-log", "Identifier": { "PURL": "pkg:npm/proc-log@6.1.0", "UID": "bde9f16e8a3d8f3e", "BOMRef": "ab5a9a53-59ed-45fe-abb7-b1a2ca932bb6" }, "Version": "6.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/proc-log/package.json", "Digest": "sha1:1be791ec94791bad88368bd320e09768d19af950" }, { "ID": "proggy@4.0.0", "Name": "proggy", "Identifier": { "PURL": "pkg:npm/proggy@4.0.0", "UID": "e9017c94173a5ec0", "BOMRef": "e8e2f16c-fbbf-4c57-a457-f9372df5af8e" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/proggy/package.json", "Digest": "sha1:6561cfc6f2b76082d0bd2e5d7c63b4ef20fe8578" }, { "ID": "proggy@4.0.0", "Name": "proggy", "Identifier": { "PURL": "pkg:npm/proggy@4.0.0", "UID": "eaa5193b7203c695", "BOMRef": "6c68190c-d94a-4040-96ff-f1d93d4b7cb7" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/proggy/package.json", "Digest": "sha1:6561cfc6f2b76082d0bd2e5d7c63b4ef20fe8578" }, { "ID": "promise-all-reject-late@1.0.1", "Name": "promise-all-reject-late", "Identifier": { "PURL": "pkg:npm/promise-all-reject-late@1.0.1", "UID": "4886bde14aa64342", "BOMRef": "3b421906-fd2f-4fa5-a6b9-a914de78fb88" }, "Version": "1.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/promise-all-reject-late/package.json", "Digest": "sha1:c88aa929d83fb2bbf326f7c62103da6b8c48c4df" }, { "ID": "promise-all-reject-late@1.0.1", "Name": "promise-all-reject-late", "Identifier": { "PURL": "pkg:npm/promise-all-reject-late@1.0.1", "UID": "5e733b2ab33d397a", "BOMRef": "b714e982-be7a-4c84-a632-d018af5a5d05" }, "Version": "1.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/promise-all-reject-late/package.json", "Digest": "sha1:c88aa929d83fb2bbf326f7c62103da6b8c48c4df" }, { "ID": "promise-call-limit@3.0.2", "Name": "promise-call-limit", "Identifier": { "PURL": "pkg:npm/promise-call-limit@3.0.2", "UID": "f7766640ddc3b0dc", "BOMRef": "1e7070b7-1274-4d64-acbb-3ec3db81a21a" }, "Version": "3.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/promise-call-limit/package.json", "Digest": "sha1:27f3261a15e6ace571c3ad192e878cec1d9358c9" }, { "ID": "promise-call-limit@3.0.2", "Name": "promise-call-limit", "Identifier": { "PURL": "pkg:npm/promise-call-limit@3.0.2", "UID": "7de5d720d4c94cec", "BOMRef": "875d223d-04df-482e-ae00-19d21c123f98" }, "Version": "3.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/promise-call-limit/package.json", "Digest": "sha1:27f3261a15e6ace571c3ad192e878cec1d9358c9" }, { "ID": "promise-retry@2.0.1", "Name": "promise-retry", "Identifier": { "PURL": "pkg:npm/promise-retry@2.0.1", "UID": "188f11c353835171", "BOMRef": "e008eebb-c36a-4a38-916d-4ada1a4ef773" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/promise-retry/package.json", "Digest": "sha1:fc649cbedea73287db37a431e5761e9c0b4abca9" }, { "ID": "promise-retry@2.0.1", "Name": "promise-retry", "Identifier": { "PURL": "pkg:npm/promise-retry@2.0.1", "UID": "ef635162ec6f21e3", "BOMRef": "c8e884f1-47cc-496e-bd93-d55cb650c80a" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/promise-retry/package.json", "Digest": "sha1:fc649cbedea73287db37a431e5761e9c0b4abca9" }, { "ID": "promzard@3.0.1", "Name": "promzard", "Identifier": { "PURL": "pkg:npm/promzard@3.0.1", "UID": "9b1c179e7784fb69", "BOMRef": "bfab8010-0ee0-4b95-a1a2-84b4f2cf127d" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/promzard/package.json", "Digest": "sha1:cf40b5b5f6e3f70b866ca5d7fe08e00aae1bc33c" }, { "ID": "promzard@3.0.1", "Name": "promzard", "Identifier": { "PURL": "pkg:npm/promzard@3.0.1", "UID": "76a5479d9b431cb1", "BOMRef": "23e5b898-2ac3-4897-be7f-1e582a643f7f" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/promzard/package.json", "Digest": "sha1:cf40b5b5f6e3f70b866ca5d7fe08e00aae1bc33c" }, { "ID": "qrcode-terminal@0.12.0", "Name": "qrcode-terminal", "Identifier": { "PURL": "pkg:npm/qrcode-terminal@0.12.0", "UID": "68cd8b8d69ad7290", "BOMRef": "6aa341a5-0f1b-4103-9cf2-6fe330b53060" }, "Version": "0.12.0", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/qrcode-terminal/package.json", "Digest": "sha1:4a84ac3decfe9f31da851b98dedd698f935b83bc" }, { "ID": "qrcode-terminal@0.12.0", "Name": "qrcode-terminal", "Identifier": { "PURL": "pkg:npm/qrcode-terminal@0.12.0", "UID": "9d5938ccbd07ffd6", "BOMRef": "e73dd944-4cdd-446b-b7b4-7fbbff6162d7" }, "Version": "0.12.0", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/qrcode-terminal/package.json", "Digest": "sha1:4a84ac3decfe9f31da851b98dedd698f935b83bc" }, { "ID": "read@5.0.1", "Name": "read", "Identifier": { "PURL": "pkg:npm/read@5.0.1", "UID": "a2f3d294b0d94d74", "BOMRef": "4baffc6d-bf11-42a4-8bfd-a86d403531ba" }, "Version": "5.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/read/package.json", "Digest": "sha1:202675a6008d164feb9732ab21970a1977d40693" }, { "ID": "read@5.0.1", "Name": "read", "Identifier": { "PURL": "pkg:npm/read@5.0.1", "UID": "1d2d1dcb64596eca", "BOMRef": "a673a097-8dd1-4db4-b154-dae848a1fdab" }, "Version": "5.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/read/package.json", "Digest": "sha1:202675a6008d164feb9732ab21970a1977d40693" }, { "ID": "read-cmd-shim@6.0.0", "Name": "read-cmd-shim", "Identifier": { "PURL": "pkg:npm/read-cmd-shim@6.0.0", "UID": "9efaa026b0319be4", "BOMRef": "cfeb392d-9870-4868-9c15-a0096a768e01" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/read-cmd-shim/package.json", "Digest": "sha1:bb22c7694960e98b244d220ac92c31f556b9a454" }, { "ID": "read-cmd-shim@6.0.0", "Name": "read-cmd-shim", "Identifier": { "PURL": "pkg:npm/read-cmd-shim@6.0.0", "UID": "1facab287de06663", "BOMRef": "55bfe1e2-de05-4569-b055-80b5ff69c5fe" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/read-cmd-shim/package.json", "Digest": "sha1:bb22c7694960e98b244d220ac92c31f556b9a454" }, { "ID": "retry@0.12.0", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.12.0", "UID": "acde958af85bd5b4", "BOMRef": "97c35015-b59e-4acf-89f0-fe80ed500d93" }, "Version": "0.12.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/retry/package.json", "Digest": "sha1:10dd0941e4e65c436c4f7111efdb1679c966c478" }, { "ID": "retry@0.12.0", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.12.0", "UID": "bcf0c49cd3ef0f9a", "BOMRef": "abd30b36-c01a-4532-ba90-47b3103ad82b" }, "Version": "0.12.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/retry/package.json", "Digest": "sha1:10dd0941e4e65c436c4f7111efdb1679c966c478" }, { "ID": "retry@0.13.1", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.13.1", "UID": "7eefe681335c3b38", "BOMRef": "pkg:npm/retry@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@gar/promise-retry/node_modules/retry/package.json", "Digest": "sha1:59938dbd56e639fc8e328046d447a7f1e50d2603" }, { "ID": "safer-buffer@2.1.2", "Name": "safer-buffer", "Identifier": { "PURL": "pkg:npm/safer-buffer@2.1.2", "UID": "7d71c2b01e6d6c35", "BOMRef": "42693f47-68ba-4f0b-bff7-a05c80ad328f" }, "Version": "2.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/safer-buffer/package.json", "Digest": "sha1:5ed0fab8e5cac53e4d072acbd82fca9be08f5e67" }, { "ID": "safer-buffer@2.1.2", "Name": "safer-buffer", "Identifier": { "PURL": "pkg:npm/safer-buffer@2.1.2", "UID": "a04448bb35019991", "BOMRef": "97678cf5-e255-4f5f-81b8-7b6bfe1ac801" }, "Version": "2.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/safer-buffer/package.json", "Digest": "sha1:5ed0fab8e5cac53e4d072acbd82fca9be08f5e67" }, { "ID": "semver@7.7.3", "Name": "semver", "Identifier": { "PURL": "pkg:npm/semver@7.7.3", "UID": "aa6e0bb7f3517a55", "BOMRef": "pkg:npm/semver@7.7.3" }, "Version": "7.7.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/semver/package.json", "Digest": "sha1:8b79d46abe6fc320567c34edb59ab3f88ed2f581" }, { "ID": "semver@7.7.4", "Name": "semver", "Identifier": { "PURL": "pkg:npm/semver@7.7.4", "UID": "895d9b19ca5631b", "BOMRef": "pkg:npm/semver@7.7.4" }, "Version": "7.7.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/semver/package.json", "Digest": "sha1:d9596b0dfd52092ec49e20d3e586feaeb5d47ffb" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "b33160591c810b52", "BOMRef": "aab33e75-24e0-4d51-93cb-cbb6225735b9" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/shebang-command/package.json", "Digest": "sha1:2e2395a2e489846382e5cefdf011dcd7cacb82a5" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "99c813538ff8566c", "BOMRef": "58e5f3c1-5d17-4f86-8f34-a0a2ea3b38f3" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/shebang-command/package.json", "Digest": "sha1:2e2395a2e489846382e5cefdf011dcd7cacb82a5" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "59a7dbbfd5277020", "BOMRef": "657e2087-c5cf-42ea-b06b-854446888103" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/shebang-command/package.json", "Digest": "sha1:2e2395a2e489846382e5cefdf011dcd7cacb82a5" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "ee277d846126f9e4", "BOMRef": "58d252f5-e4b8-42bc-8933-da5a61980ee0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/shebang-command/package.json", "Digest": "sha1:2e2395a2e489846382e5cefdf011dcd7cacb82a5" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "5a5d54aae0cb0e13", "BOMRef": "bcbc1787-d3af-425a-833f-c6af0b434a36" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/shebang-regex/package.json", "Digest": "sha1:4c10640951d12ad418aa40c29b550fdfe3d2567a" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "233783a532bdc266", "BOMRef": "6fcf7f32-9e76-4a41-8795-c1f514c13747" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/shebang-regex/package.json", "Digest": "sha1:4c10640951d12ad418aa40c29b550fdfe3d2567a" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "8abce994d89d773f", "BOMRef": "dbd24ac2-c4d7-4529-b6e2-49c9e2f4786d" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/shebang-regex/package.json", "Digest": "sha1:4c10640951d12ad418aa40c29b550fdfe3d2567a" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "d429c597a5df1e6a", "BOMRef": "61138eb3-c29e-43e0-ba7b-4e4ab1417833" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/shebang-regex/package.json", "Digest": "sha1:4c10640951d12ad418aa40c29b550fdfe3d2567a" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "cc50692463830ff3", "BOMRef": "7cba0348-5e7f-4dcb-b7e9-d1eea737488d" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "a276883718a7fee7", "BOMRef": "d7809699-03e2-4717-9786-0ffa0272dc59" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "5b2d2347b843effd", "BOMRef": "e5390b35-b3eb-4c28-abf5-96a169f485f4" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "74c2279829e5ba5c", "BOMRef": "6a77c02d-4155-435a-8528-42c9bb4e0e19" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "e3c76e71722a9e4b", "BOMRef": "a137160a-a4bb-46d5-a79c-3756ebe79d5c" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "7881402484101efd", "BOMRef": "5b24f68b-abb2-4346-b573-2372960c174b" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "sigstore@4.1.0", "Name": "sigstore", "Identifier": { "PURL": "pkg:npm/sigstore@4.1.0", "UID": "8dc1084783d89738", "BOMRef": "bea6bac3-9c7c-484e-a1d0-8ad181e44a10" }, "Version": "4.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/sigstore/package.json", "Digest": "sha1:a0a695a5c6df89e050ae2802dad080b0dd66e986" }, { "ID": "sigstore@4.1.0", "Name": "sigstore", "Identifier": { "PURL": "pkg:npm/sigstore@4.1.0", "UID": "499d67873c5bc221", "BOMRef": "b69fc652-ca6c-4aea-8aa2-7a84b90ac075" }, "Version": "4.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/sigstore/package.json", "Digest": "sha1:a0a695a5c6df89e050ae2802dad080b0dd66e986" }, { "ID": "smart-buffer@4.2.0", "Name": "smart-buffer", "Identifier": { "PURL": "pkg:npm/smart-buffer@4.2.0", "UID": "e24befdaaaacad35", "BOMRef": "f04ede75-e6ad-48b2-b612-aae7990f5845" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/smart-buffer/package.json", "Digest": "sha1:a9db89be9421029bd73baf8199042a08253a0b59" }, { "ID": "smart-buffer@4.2.0", "Name": "smart-buffer", "Identifier": { "PURL": "pkg:npm/smart-buffer@4.2.0", "UID": "5eab65d485ff6de4", "BOMRef": "c7fafd9b-3c21-4e67-ac1b-c57d375e0c84" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/smart-buffer/package.json", "Digest": "sha1:a9db89be9421029bd73baf8199042a08253a0b59" }, { "ID": "socks@2.8.7", "Name": "socks", "Identifier": { "PURL": "pkg:npm/socks@2.8.7", "UID": "ce3fae9fc13c823f", "BOMRef": "36b94715-9196-42ca-a18a-aebb95c1121b" }, "Version": "2.8.7", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/socks/package.json", "Digest": "sha1:c92d113f3614e8c725fc4de50c3312bdcde18258" }, { "ID": "socks@2.8.7", "Name": "socks", "Identifier": { "PURL": "pkg:npm/socks@2.8.7", "UID": "a9cfa0f01cb4264", "BOMRef": "3e103881-1978-4cd3-993c-174d1f5d6ec6" }, "Version": "2.8.7", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/socks/package.json", "Digest": "sha1:c92d113f3614e8c725fc4de50c3312bdcde18258" }, { "ID": "socks-proxy-agent@8.0.5", "Name": "socks-proxy-agent", "Identifier": { "PURL": "pkg:npm/socks-proxy-agent@8.0.5", "UID": "25bab8b0c2f7fca8", "BOMRef": "9a275ff6-5b03-4b01-be12-9513e950228b" }, "Version": "8.0.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/socks-proxy-agent/package.json", "Digest": "sha1:a52f0cff949fd82f9e42d4214d2917964d7a9bdb" }, { "ID": "socks-proxy-agent@8.0.5", "Name": "socks-proxy-agent", "Identifier": { "PURL": "pkg:npm/socks-proxy-agent@8.0.5", "UID": "e84c3a6334ce49ea", "BOMRef": "60b01a07-f1b3-4d08-805f-bfe650fa5c2c" }, "Version": "8.0.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/socks-proxy-agent/package.json", "Digest": "sha1:a52f0cff949fd82f9e42d4214d2917964d7a9bdb" }, { "ID": "spdx-correct@3.2.0", "Name": "spdx-correct", "Identifier": { "PURL": "pkg:npm/spdx-correct@3.2.0", "UID": "8f88a37f8a070fb0", "BOMRef": "pkg:npm/spdx-correct@3.2.0" }, "Version": "3.2.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-correct/package.json", "Digest": "sha1:a7a8f7467469c676a88934b972d08c03c9a4b7b4" }, { "ID": "spdx-exceptions@2.5.0", "Name": "spdx-exceptions", "Identifier": { "PURL": "pkg:npm/spdx-exceptions@2.5.0", "UID": "a39f969c2f238d15", "BOMRef": "420c6d9a-75fb-4bc7-a8d4-2c565e57a062" }, "Version": "2.5.0", "Licenses": [ "CC-BY-3.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-exceptions/package.json", "Digest": "sha1:0f731ec5551fde840e6213e20cd9fbdc53468290" }, { "ID": "spdx-exceptions@2.5.0", "Name": "spdx-exceptions", "Identifier": { "PURL": "pkg:npm/spdx-exceptions@2.5.0", "UID": "27214c5d437b9e2a", "BOMRef": "fda76d95-a38b-46a4-ab45-f8740c09d6ab" }, "Version": "2.5.0", "Licenses": [ "CC-BY-3.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/spdx-exceptions/package.json", "Digest": "sha1:0f731ec5551fde840e6213e20cd9fbdc53468290" }, { "ID": "spdx-expression-parse@3.0.1", "Name": "spdx-expression-parse", "Identifier": { "PURL": "pkg:npm/spdx-expression-parse@3.0.1", "UID": "fc7dbe0a3ad881d6", "BOMRef": "8436c317-aab5-49dc-a10a-6d0bcd8857cd" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-correct/node_modules/spdx-expression-parse/package.json", "Digest": "sha1:72082a3e9d4efe5a06c914b7ffa738f35b550ffb" }, { "ID": "spdx-expression-parse@3.0.1", "Name": "spdx-expression-parse", "Identifier": { "PURL": "pkg:npm/spdx-expression-parse@3.0.1", "UID": "65c24d1dd009192a", "BOMRef": "da7fefa5-fa10-4e5e-a747-379372d5374f" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse/package.json", "Digest": "sha1:72082a3e9d4efe5a06c914b7ffa738f35b550ffb" }, { "ID": "spdx-expression-parse@4.0.0", "Name": "spdx-expression-parse", "Identifier": { "PURL": "pkg:npm/spdx-expression-parse@4.0.0", "UID": "8129d1993b076303", "BOMRef": "ee203862-ae8f-4033-83b2-3f8b9e3b8f9a" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-expression-parse/package.json", "Digest": "sha1:3f1b1059652d04327b6b0513080e242935399c30" }, { "ID": "spdx-expression-parse@4.0.0", "Name": "spdx-expression-parse", "Identifier": { "PURL": "pkg:npm/spdx-expression-parse@4.0.0", "UID": "f11df057dbdf5d0b", "BOMRef": "90921f10-d81e-4a2f-b0e4-1ff9d6318252" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/spdx-expression-parse/package.json", "Digest": "sha1:3f1b1059652d04327b6b0513080e242935399c30" }, { "ID": "spdx-license-ids@3.0.22", "Name": "spdx-license-ids", "Identifier": { "PURL": "pkg:npm/spdx-license-ids@3.0.22", "UID": "ebe0fe5186fdf9b3", "BOMRef": "pkg:npm/spdx-license-ids@3.0.22" }, "Version": "3.0.22", "Licenses": [ "CC0-1.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-license-ids/package.json", "Digest": "sha1:0c921a3dffa4e1c2bcfdf3559a7c1713090b08f2" }, { "ID": "spdx-license-ids@3.0.23", "Name": "spdx-license-ids", "Identifier": { "PURL": "pkg:npm/spdx-license-ids@3.0.23", "UID": "d92e62a152d13d4", "BOMRef": "pkg:npm/spdx-license-ids@3.0.23" }, "Version": "3.0.23", "Licenses": [ "CC0-1.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/spdx-license-ids/package.json", "Digest": "sha1:e804161e6108792db7c0d626338f51b2dcf9bf7f" }, { "ID": "ssri@13.0.0", "Name": "ssri", "Identifier": { "PURL": "pkg:npm/ssri@13.0.0", "UID": "1109c40874265d64", "BOMRef": "pkg:npm/ssri@13.0.0" }, "Version": "13.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ssri/package.json", "Digest": "sha1:8abdcfa076c039e1f09d3b4554b0bad0c8d31d3e" }, { "ID": "ssri@13.0.1", "Name": "ssri", "Identifier": { "PURL": "pkg:npm/ssri@13.0.1", "UID": "b3ddc6baf8f2c02f", "BOMRef": "pkg:npm/ssri@13.0.1" }, "Version": "13.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ssri/package.json", "Digest": "sha1:c91b5cd4329cb25896064409cb45f2428e32f239" }, { "ID": "string-width@4.2.3", "Name": "string-width", "Identifier": { "PURL": "pkg:npm/string-width@4.2.3", "UID": "d5312573ea020b3", "BOMRef": "pkg:npm/string-width@4.2.3" }, "Version": "4.2.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/string-width/package.json", "Digest": "sha1:a5306c15bba6cb123d9f061ca85eb56576c6638f" }, { "ID": "strip-ansi@6.0.1", "Name": "strip-ansi", "Identifier": { "PURL": "pkg:npm/strip-ansi@6.0.1", "UID": "10e192e809bad94e", "BOMRef": "pkg:npm/strip-ansi@6.0.1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/strip-ansi/package.json", "Digest": "sha1:892d549c672831716abe655f087946d2644f2852" }, { "ID": "supports-color@10.2.2", "Name": "supports-color", "Identifier": { "PURL": "pkg:npm/supports-color@10.2.2", "UID": "6a76a62c48114517", "BOMRef": "79cab4ba-fd01-45bc-a412-f62e09a646aa" }, "Version": "10.2.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/supports-color/package.json", "Digest": "sha1:ba4fdcabc29b4cd931da15c51981f96731bd1b1e" }, { "ID": "supports-color@10.2.2", "Name": "supports-color", "Identifier": { "PURL": "pkg:npm/supports-color@10.2.2", "UID": "2a784aafc4a83ed7", "BOMRef": "1580dab7-c697-4f58-8c89-5858074bfba8" }, "Version": "10.2.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/supports-color/package.json", "Digest": "sha1:ba4fdcabc29b4cd931da15c51981f96731bd1b1e" }, { "ID": "tar@7.5.8", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "ae1a9016ef9e93ae", "BOMRef": "00a52a0b-7e17-40d5-9c37-4d71d214f264" }, "Version": "7.5.8", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/package.json", "Digest": "sha1:bb602d72821b219f56ca9ded25a2899712ec7b75" }, { "ID": "tar@7.5.8", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "c26113eae931014f", "BOMRef": "40ba55e5-5215-484c-835a-824ea545dad7" }, "Version": "7.5.8", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/package.json", "Digest": "sha1:bb602d72821b219f56ca9ded25a2899712ec7b75" }, { "ID": "tar@7.5.8", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "f1ff7b6d5269a38c", "BOMRef": "77ec8e78-d376-4ccc-b48c-13f460214931" }, "Version": "7.5.8", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/package.json", "Digest": "sha1:bb602d72821b219f56ca9ded25a2899712ec7b75" }, { "ID": "tar@7.5.8", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "8222b0c7dc7cbc6e", "BOMRef": "eddaddab-83fe-421e-8cc8-f5a640a6be87" }, "Version": "7.5.8", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/package.json", "Digest": "sha1:bb602d72821b219f56ca9ded25a2899712ec7b75" }, { "ID": "text-table@0.2.0", "Name": "text-table", "Identifier": { "PURL": "pkg:npm/text-table@0.2.0", "UID": "cb42984296b9fe5b", "BOMRef": "26bbb6f7-99e2-48d3-8631-2072b8da9589" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/text-table/package.json", "Digest": "sha1:f63faee888ad065881dff49fc3e3de8ac57b2ae2" }, { "ID": "text-table@0.2.0", "Name": "text-table", "Identifier": { "PURL": "pkg:npm/text-table@0.2.0", "UID": "ccab5fdb07bc018a", "BOMRef": "051c30ec-bbb0-4f04-a816-46ffacb99c44" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/text-table/package.json", "Digest": "sha1:f63faee888ad065881dff49fc3e3de8ac57b2ae2" }, { "ID": "tiny-relative-date@2.0.2", "Name": "tiny-relative-date", "Identifier": { "PURL": "pkg:npm/tiny-relative-date@2.0.2", "UID": "27e00600eb781a34", "BOMRef": "1a58aabd-00d3-422b-b71b-f7918ade7ceb" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tiny-relative-date/package.json", "Digest": "sha1:120561f313d4901b1dc03b2594ecc45cfe2ad550" }, { "ID": "tiny-relative-date@2.0.2", "Name": "tiny-relative-date", "Identifier": { "PURL": "pkg:npm/tiny-relative-date@2.0.2", "UID": "6dc90978a7581ab5", "BOMRef": "fe9d5049-7e00-43b4-8003-e88837fd6584" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tiny-relative-date/package.json", "Digest": "sha1:120561f313d4901b1dc03b2594ecc45cfe2ad550" }, { "ID": "tinyglobby@0.2.15", "Name": "tinyglobby", "Identifier": { "PURL": "pkg:npm/tinyglobby@0.2.15", "UID": "75d477dd48c72a1e", "BOMRef": "d3a3a671-82a2-43da-8408-213ecdc85b29" }, "Version": "0.2.15", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/package.json", "Digest": "sha1:811354c5cc4a6c4f64899ed3fcd9f91a7a36e857" }, { "ID": "tinyglobby@0.2.15", "Name": "tinyglobby", "Identifier": { "PURL": "pkg:npm/tinyglobby@0.2.15", "UID": "e85729d39c7bd5a3", "BOMRef": "25ecc5a2-4a50-4234-bd93-1a152b250ab6" }, "Version": "0.2.15", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/package.json", "Digest": "sha1:811354c5cc4a6c4f64899ed3fcd9f91a7a36e857" }, { "ID": "treeverse@3.0.0", "Name": "treeverse", "Identifier": { "PURL": "pkg:npm/treeverse@3.0.0", "UID": "5b8cca7bb935fba", "BOMRef": "bb512f4f-5624-4472-89ba-21284fdf7f58" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/treeverse/package.json", "Digest": "sha1:83653dcf5b0c581f485febcbeb9152176632bed0" }, { "ID": "treeverse@3.0.0", "Name": "treeverse", "Identifier": { "PURL": "pkg:npm/treeverse@3.0.0", "UID": "b5fa47a35398b9b5", "BOMRef": "b43305d8-48f6-4486-93e4-5b8b145b8b1d" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/treeverse/package.json", "Digest": "sha1:83653dcf5b0c581f485febcbeb9152176632bed0" }, { "ID": "tuf-js@4.1.0", "Name": "tuf-js", "Identifier": { "PURL": "pkg:npm/tuf-js@4.1.0", "UID": "bf6b556085f23259", "BOMRef": "1b58ac5e-4bbd-416c-aa75-e20f170fd64d" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tuf-js/package.json", "Digest": "sha1:43aa062b744de4a123e714337d05adaa483ceed1" }, { "ID": "tuf-js@4.1.0", "Name": "tuf-js", "Identifier": { "PURL": "pkg:npm/tuf-js@4.1.0", "UID": "8ee4f8b5d9375749", "BOMRef": "ea98800e-4f65-4c0f-b30a-03509ed750b0" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tuf-js/package.json", "Digest": "sha1:43aa062b744de4a123e714337d05adaa483ceed1" }, { "ID": "unique-filename@5.0.0", "Name": "unique-filename", "Identifier": { "PURL": "pkg:npm/unique-filename@5.0.0", "UID": "55dfd4b470b60e71", "BOMRef": "be982e71-5f12-48b4-8812-350d5b0eaf4e" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/unique-filename/package.json", "Digest": "sha1:6450c655c66643d252cdc98fc3c413fda26dfeee" }, { "ID": "unique-filename@5.0.0", "Name": "unique-filename", "Identifier": { "PURL": "pkg:npm/unique-filename@5.0.0", "UID": "210be320d7525059", "BOMRef": "f8683580-16eb-4cc3-98a0-d8efc27193d8" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/unique-filename/package.json", "Digest": "sha1:6450c655c66643d252cdc98fc3c413fda26dfeee" }, { "ID": "unique-slug@6.0.0", "Name": "unique-slug", "Identifier": { "PURL": "pkg:npm/unique-slug@6.0.0", "UID": "eaaecdee49ff8c72", "BOMRef": "464c47cd-b2ab-4f69-9670-d15c2cbf7268" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/unique-slug/package.json", "Digest": "sha1:8e5c78d6e2c33153024c55a1d4d1730592e3915c" }, { "ID": "unique-slug@6.0.0", "Name": "unique-slug", "Identifier": { "PURL": "pkg:npm/unique-slug@6.0.0", "UID": "61a0634dd357a5b9", "BOMRef": "b0354059-6e14-45de-8b9f-73333e50e2f9" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/unique-slug/package.json", "Digest": "sha1:8e5c78d6e2c33153024c55a1d4d1730592e3915c" }, { "ID": "util-deprecate@1.0.2", "Name": "util-deprecate", "Identifier": { "PURL": "pkg:npm/util-deprecate@1.0.2", "UID": "a1247c494a3eb7c3", "BOMRef": "fb63909b-8ca7-431a-8054-4759b5334530" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/util-deprecate/package.json", "Digest": "sha1:2e69081e7bab6e09d3dcfd680716fdeea577431d" }, { "ID": "util-deprecate@1.0.2", "Name": "util-deprecate", "Identifier": { "PURL": "pkg:npm/util-deprecate@1.0.2", "UID": "b160104ea8db6013", "BOMRef": "ad474139-94d7-46e7-9d55-02af4e1dccd8" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/util-deprecate/package.json", "Digest": "sha1:2e69081e7bab6e09d3dcfd680716fdeea577431d" }, { "ID": "validate-npm-package-license@3.0.4", "Name": "validate-npm-package-license", "Identifier": { "PURL": "pkg:npm/validate-npm-package-license@3.0.4", "UID": "be35c8741d40e3ec", "BOMRef": "pkg:npm/validate-npm-package-license@3.0.4" }, "Version": "3.0.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/validate-npm-package-license/package.json", "Digest": "sha1:a938b65349aed1eb3852d98dc1a8431209faf99f" }, { "ID": "validate-npm-package-name@7.0.2", "Name": "validate-npm-package-name", "Identifier": { "PURL": "pkg:npm/validate-npm-package-name@7.0.2", "UID": "e113968afaa7f4af", "BOMRef": "8a65abc8-2e22-4f9f-9400-d74fe07d5fae" }, "Version": "7.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/validate-npm-package-name/package.json", "Digest": "sha1:38514b39ec296f38677d2be6f15d799756de778e" }, { "ID": "validate-npm-package-name@7.0.2", "Name": "validate-npm-package-name", "Identifier": { "PURL": "pkg:npm/validate-npm-package-name@7.0.2", "UID": "8b332f7ba2482f2f", "BOMRef": "3f3b237c-cb18-4c79-b561-baeddf9f301f" }, "Version": "7.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/validate-npm-package-name/package.json", "Digest": "sha1:38514b39ec296f38677d2be6f15d799756de778e" }, { "ID": "walk-up-path@4.0.0", "Name": "walk-up-path", "Identifier": { "PURL": "pkg:npm/walk-up-path@4.0.0", "UID": "7eba941b1c92ea5b", "BOMRef": "8096125d-eb89-4a02-a3c7-002433cb063b" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/walk-up-path/package.json", "Digest": "sha1:5d1d771c0f7a60316cd0d039f38a9e6ce3b08b44" }, { "ID": "walk-up-path@4.0.0", "Name": "walk-up-path", "Identifier": { "PURL": "pkg:npm/walk-up-path@4.0.0", "UID": "9f2dda2d5a77243b", "BOMRef": "3964567c-8b4e-4280-b4b6-751ceb1c10de" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/walk-up-path/package.json", "Digest": "sha1:5d1d771c0f7a60316cd0d039f38a9e6ce3b08b44" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "cfee7ea49cb998b2", "BOMRef": "a92842c1-7de1-48a3-b8eb-79425e963495" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/which/package.json", "Digest": "sha1:402837c5ba60f95b309957adc4657b8fe4fb1f05" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "1c87d623bd812cfc", "BOMRef": "9d99bc41-9a00-4160-b0c4-33b4a58f141c" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/which/package.json", "Digest": "sha1:402837c5ba60f95b309957adc4657b8fe4fb1f05" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "77e769fea3829c7", "BOMRef": "33ab3bb0-89d4-41d6-8699-ea434d2dc2a6" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/which/package.json", "Digest": "sha1:402837c5ba60f95b309957adc4657b8fe4fb1f05" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "e4ed4805745f8979", "BOMRef": "9b12f8d7-e458-47be-bd2b-46fccec01ebc" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/which/package.json", "Digest": "sha1:402837c5ba60f95b309957adc4657b8fe4fb1f05" }, { "ID": "which@6.0.0", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@6.0.0", "UID": "fdcf989da0528cf4", "BOMRef": "pkg:npm/which@6.0.0" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/which/package.json", "Digest": "sha1:cb8b0157735e34c3257f5f246186bc73c4541924" }, { "ID": "which@6.0.1", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@6.0.1", "UID": "3a48311b7633f249", "BOMRef": "pkg:npm/which@6.0.1" }, "Version": "6.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/which/package.json", "Digest": "sha1:a4c4ac6aa9af226fc930104916a5f7cfd26f230c" }, { "ID": "write-file-atomic@7.0.0", "Name": "write-file-atomic", "Identifier": { "PURL": "pkg:npm/write-file-atomic@7.0.0", "UID": "82823882c073d14e", "BOMRef": "868b8c98-c4ca-4ee3-bf40-19e750fb359c" }, "Version": "7.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/write-file-atomic/package.json", "Digest": "sha1:a38060379c27d419714e1e0d4f9397aa3ca9a238" }, { "ID": "write-file-atomic@7.0.0", "Name": "write-file-atomic", "Identifier": { "PURL": "pkg:npm/write-file-atomic@7.0.0", "UID": "d841f6d3791ae996", "BOMRef": "7eda3337-7a9c-43d9-9bd3-32237de007a5" }, "Version": "7.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/write-file-atomic/package.json", "Digest": "sha1:a38060379c27d419714e1e0d4f9397aa3ca9a238" }, { "ID": "yallist@4.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@4.0.0", "UID": "c476e1e620abdd3f", "BOMRef": "bf811a45-9759-462d-ba88-46b789262ac0" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/yallist/package.json", "Digest": "sha1:d6a16b480cbd582f969b3d0ed89a157316268d10" }, { "ID": "yallist@4.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@4.0.0", "UID": "e121618c9b78c6e4", "BOMRef": "792e34ef-399f-4ae4-988e-b294a4bdc43a" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-flush/node_modules/yallist/package.json", "Digest": "sha1:d6a16b480cbd582f969b3d0ed89a157316268d10" }, { "ID": "yallist@4.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@4.0.0", "UID": "c9bf04f68c39273b", "BOMRef": "60391c44-0dcc-4c94-b493-737576bcf7f0" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-pipeline/node_modules/yallist/package.json", "Digest": "sha1:d6a16b480cbd582f969b3d0ed89a157316268d10" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "2b79b16686e0eef1", "BOMRef": "149b25d3-ca41-432f-a199-2870cb59c96f" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "44a4c1f122eb8e77", "BOMRef": "f57d10db-a3a0-4916-9bf2-e1c01e8f50d7" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "2083e34bb283dcc6", "BOMRef": "836daf0c-6cbe-4cd4-8f46-e779c974c917" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "23acff022ab8fd7", "BOMRef": "b898f16d-0c4a-4223-961b-607a3238907d" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "6279864ef69605f1", "BOMRef": "b853755f-3875-43d5-a9c4-2a3f80a88d7d" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "4b48f7610ea4cdde", "BOMRef": "d8b02cde-db7e-409c-a5ec-18a169b0d284" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "9cb4bf71c3b490d8", "BOMRef": "1d8df93f-7a35-45a2-b99c-3a07fb64735a" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/local/lib/node_modules/minimatch/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "c1f122803d4c7a56", "BOMRef": "40948995-646f-4f41-af92-749140ef80b1" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "c33880c17f10cc2", "BOMRef": "881a51e6-9c4e-49de-8513-3bea4a09b2a3" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "5fe2690d58dd1cd0", "BOMRef": "42007afd-20f6-4f0d-b966-e61f11fe1836" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "f0ee395cbecb017b", "BOMRef": "b41fce54-de22-4183-883c-98da0289653c" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f09c0ffa451c17234005611833eb09752dbbf4c2eaf9e4fd3db9d2e90423b66", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "9bf781e21f4d0c0", "BOMRef": "4b8162e2-c5c3-412e-b004-3ee7f6ff2c00" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f09c0ffa451c17234005611833eb09752dbbf4c2eaf9e4fd3db9d2e90423b66", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/local/lib/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "ead8007093e488cd", "BOMRef": "6146bb2a-1e92-41f5-9c2c-839bbfeae446" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f09c0ffa451c17234005611833eb09752dbbf4c2eaf9e4fd3db9d2e90423b66", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "552ffe6afaa50f4b", "BOMRef": "6a0e3b6b-962b-48e6-bd20-900231f64771" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f09c0ffa451c17234005611833eb09752dbbf4c2eaf9e4fd3db9d2e90423b66", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "f0ee395cbecb017b", "BOMRef": "b41fce54-de22-4183-883c-98da0289653c" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ca62c33b81d14a226b0916a70eb28284f62ec819be3ef938d37f750d0112d6de", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "9bf781e21f4d0c0", "BOMRef": "4b8162e2-c5c3-412e-b004-3ee7f6ff2c00" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ca62c33b81d14a226b0916a70eb28284f62ec819be3ef938d37f750d0112d6de", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/local/lib/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "ead8007093e488cd", "BOMRef": "6146bb2a-1e92-41f5-9c2c-839bbfeae446" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ca62c33b81d14a226b0916a70eb28284f62ec819be3ef938d37f750d0112d6de", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "552ffe6afaa50f4b", "BOMRef": "6a0e3b6b-962b-48e6-bd20-900231f64771" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ca62c33b81d14a226b0916a70eb28284f62ec819be3ef938d37f750d0112d6de", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-33671", "VendorIDs": [ "GHSA-c2c7-rcm5-vvqj" ], "PkgID": "picomatch@4.0.3", "PkgName": "picomatch", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "cfe4c3325bd5aac8", "BOMRef": "0051fd5f-ab67-4b23-8947-61604cd155cd" }, "InstalledVersion": "4.0.3", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:207ad269915973ca2f23d010cda47be6c0642612083c33e920cc47d603f2821d", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33671", "VendorIDs": [ "GHSA-c2c7-rcm5-vvqj" ], "PkgID": "picomatch@4.0.3", "PkgName": "picomatch", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "78f6e7c10d834b6d", "BOMRef": "c8e640ff-8f05-42db-86d9-89df3fdd09e1" }, "InstalledVersion": "4.0.3", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:207ad269915973ca2f23d010cda47be6c0642612083c33e920cc47d603f2821d", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33672", "VendorIDs": [ "GHSA-3v7f-55p6-f55p" ], "PkgID": "picomatch@4.0.3", "PkgName": "picomatch", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "cfe4c3325bd5aac8", "BOMRef": "0051fd5f-ab67-4b23-8947-61604cd155cd" }, "InstalledVersion": "4.0.3", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:2f6677f54143717bdb7617fbb22baa2470965a5f811541d2db8e4696d970e0cc", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-33672", "VendorIDs": [ "GHSA-3v7f-55p6-f55p" ], "PkgID": "picomatch@4.0.3", "PkgName": "picomatch", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "78f6e7c10d834b6d", "BOMRef": "c8e640ff-8f05-42db-86d9-89df3fdd09e1" }, "InstalledVersion": "4.0.3", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:2f6677f54143717bdb7617fbb22baa2470965a5f811541d2db8e4696d970e0cc", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "ae1a9016ef9e93ae", "BOMRef": "00a52a0b-7e17-40d5-9c37-4d71d214f264" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a32a685b3c99e3c60160512ee033e7114abb1f2aab969320b49f883d4b7b3e70", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "c26113eae931014f", "BOMRef": "40ba55e5-5215-484c-835a-824ea545dad7" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a32a685b3c99e3c60160512ee033e7114abb1f2aab969320b49f883d4b7b3e70", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "f1ff7b6d5269a38c", "BOMRef": "77ec8e78-d376-4ccc-b48c-13f460214931" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a32a685b3c99e3c60160512ee033e7114abb1f2aab969320b49f883d4b7b3e70", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/local/lib/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "8222b0c7dc7cbc6e", "BOMRef": "eddaddab-83fe-421e-8cc8-f5a640a6be87" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a32a685b3c99e3c60160512ee033e7114abb1f2aab969320b49f883d4b7b3e70", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "ae1a9016ef9e93ae", "BOMRef": "00a52a0b-7e17-40d5-9c37-4d71d214f264" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:443250536aea707f26425b77c60bb9440b39b1d77b29d3d972bcc576ef35e860", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "c26113eae931014f", "BOMRef": "40ba55e5-5215-484c-835a-824ea545dad7" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:ecf2022a6614524eb9779e5532b04527562d35948e15b9a82e6fcdddbd8dee49", "DiffID": "sha256:ab7bc96f1f7806daa098e1d3f07a6ba0c4e4be26ee7c21396a6e237f40d90e3b" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:443250536aea707f26425b77c60bb9440b39b1d77b29d3d972bcc576ef35e860", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "f1ff7b6d5269a38c", "BOMRef": "77ec8e78-d376-4ccc-b48c-13f460214931" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:443250536aea707f26425b77c60bb9440b39b1d77b29d3d972bcc576ef35e860", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/local/lib/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "8222b0c7dc7cbc6e", "BOMRef": "eddaddab-83fe-421e-8cc8-f5a640a6be87" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:443250536aea707f26425b77c60bb9440b39b1d77b29d3d972bcc576ef35e860", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" } ] }, { "Target": "Python", "Class": "lang-pkgs", "Type": "python-pkg", "Packages": [ { "ID": "APScheduler@3.10.4", "Name": "APScheduler", "Identifier": { "PURL": "pkg:pypi/apscheduler@3.10.4", "UID": "fa20372427491660", "BOMRef": "pkg:pypi/apscheduler@3.10.4" }, "Version": "3.10.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/APScheduler-3.10.4.dist-info/METADATA", "Digest": "sha1:3c645283c329748c21fee30a0a21ea492988d52f" }, { "ID": "Deprecated@1.3.1", "Name": "Deprecated", "Identifier": { "PURL": "pkg:pypi/deprecated@1.3.1", "UID": "2105e7abcb81126c", "BOMRef": "pkg:pypi/deprecated@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/deprecated-1.3.1.dist-info/METADATA", "Digest": "sha1:109990e0106e9872d6bf3486d1fa574730d1c717" }, { "ID": "Jinja2@3.1.6", "Name": "Jinja2", "Identifier": { "PURL": "pkg:pypi/jinja2@3.1.6", "UID": "89a400713a63c05f", "BOMRef": "pkg:pypi/jinja2@3.1.6" }, "Version": "3.1.6", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/jinja2-3.1.6.dist-info/METADATA", "Digest": "sha1:01c4dcfd579104dd8f5b937e1511e9371b4367d3" }, { "ID": "MarkupSafe@3.0.3", "Name": "MarkupSafe", "Identifier": { "PURL": "pkg:pypi/markupsafe@3.0.3", "UID": "ea11172b87d7afcb", "BOMRef": "pkg:pypi/markupsafe@3.0.3" }, "Version": "3.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/markupsafe-3.0.3.dist-info/METADATA", "Digest": "sha1:8ada20dd783a9961d87701f2cd25b0880f23993e" }, { "ID": "PyJWT@2.9.0", "Name": "PyJWT", "Identifier": { "PURL": "pkg:pypi/pyjwt@2.9.0", "UID": "3377c1f2090f432d", "BOMRef": "pkg:pypi/pyjwt@2.9.0" }, "Version": "2.9.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:a6cd584003683c40b383156cba389b114643d0015dc4a5396129945e09bbb0e9", "DiffID": "sha256:930dae14c1c45ca0925ed1808f78b4a1618c1042cd14e72c2f8fd24c4e5e461c" }, "FilePath": "usr/lib/python3.13/site-packages/PyJWT-2.9.0.dist-info/METADATA", "Digest": "sha1:e0c7615c40e2db2aa26d42a9cedcb8ba8b7376a5" }, { "ID": "PyNaCl@1.6.2", "Name": "PyNaCl", "Identifier": { "PURL": "pkg:pypi/pynacl@1.6.2", "UID": "2199b68bcdb6642c", "BOMRef": "pkg:pypi/pynacl@1.6.2" }, "Version": "1.6.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pynacl-1.6.2.dist-info/METADATA", "Digest": "sha1:51eed4f0f5e4d39bc532c4157c5a3982308b842c" }, { "ID": "PyYAML@6.0.2", "Name": "PyYAML", "Identifier": { "PURL": "pkg:pypi/pyyaml@6.0.2", "UID": "5a1a73063f6b88d3", "BOMRef": "pkg:pypi/pyyaml@6.0.2" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/PyYAML-6.0.2.dist-info/METADATA", "Digest": "sha1:019874e22eba3861f59a9ab72f17f58e8b504cf4" }, { "ID": "Pygments@2.19.2", "Name": "Pygments", "Identifier": { "PURL": "pkg:pypi/pygments@2.19.2", "UID": "82a16a02407b45b", "BOMRef": "pkg:pypi/pygments@2.19.2" }, "Version": "2.19.2", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pygments-2.19.2.dist-info/METADATA", "Digest": "sha1:afee6b8cae57db32719d0559389750d7923f0605" }, { "ID": "Werkzeug@3.1.6", "Name": "Werkzeug", "Identifier": { "PURL": "pkg:pypi/werkzeug@3.1.6", "UID": "87f0ee5bc250150f", "BOMRef": "pkg:pypi/werkzeug@3.1.6" }, "Version": "3.1.6", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/werkzeug-3.1.6.dist-info/METADATA", "Digest": "sha1:009a319320a3a8823025adcbb66babf581a30e3e" }, { "ID": "a2a-sdk@0.3.24", "Name": "a2a-sdk", "Identifier": { "PURL": "pkg:pypi/a2a-sdk@0.3.24", "UID": "3c0d540c3f6fa935", "BOMRef": "pkg:pypi/a2a-sdk@0.3.24" }, "Version": "0.3.24", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/a2a_sdk-0.3.24.dist-info/METADATA", "Digest": "sha1:84b66f1657f33e3448649e936ca3d127225232bf" }, { "ID": "aioboto3@15.5.0", "Name": "aioboto3", "Identifier": { "PURL": "pkg:pypi/aioboto3@15.5.0", "UID": "4b8255db317486bc", "BOMRef": "pkg:pypi/aioboto3@15.5.0" }, "Version": "15.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/aioboto3-15.5.0.dist-info/METADATA", "Digest": "sha1:ffd08838a16b51a1cb1807dde93c8b0f990244f5" }, { "ID": "aiobotocore@2.25.1", "Name": "aiobotocore", "Identifier": { "PURL": "pkg:pypi/aiobotocore@2.25.1", "UID": "7cf2e9008611e9c9", "BOMRef": "pkg:pypi/aiobotocore@2.25.1" }, "Version": "2.25.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/aiobotocore-2.25.1.dist-info/METADATA", "Digest": "sha1:ba7a88ae15a977227d960e17f3cbdb740f04fbfe" }, { "ID": "aiofiles@24.1.0", "Name": "aiofiles", "Identifier": { "PURL": "pkg:pypi/aiofiles@24.1.0", "UID": "8bbac6a4a27eee15", "BOMRef": "pkg:pypi/aiofiles@24.1.0" }, "Version": "24.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:9a4a729c0b222d2212f4ea8bf0462e3cebcd65e3c141f4b22053622688425fe3", "DiffID": "sha256:f92d2dc25a7bdb92619313314b07ccddcd01b16b11e501afc0b9cd99c7c8a5b9" }, "FilePath": "usr/lib/python3.13/site-packages/aiofiles-24.1.0.dist-info/METADATA", "Digest": "sha1:1fee4c4fef706c9737b9ce8e245bbd8dae4e4d16" }, { "ID": "aiohappyeyeballs@2.6.1", "Name": "aiohappyeyeballs", "Identifier": { "PURL": "pkg:pypi/aiohappyeyeballs@2.6.1", "UID": "d4518fce13a96eed", "BOMRef": "pkg:pypi/aiohappyeyeballs@2.6.1" }, "Version": "2.6.1", "Licenses": [ "Python-Software-Foundation-License" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/aiohappyeyeballs-2.6.1.dist-info/METADATA", "Digest": "sha1:01343f4e8b1584084c09e049bd83675272d9e757" }, { "ID": "aiohttp@3.13.3", "Name": "aiohttp", "Identifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "Version": "3.13.3", "Licenses": [ "Apache-2.0 AND MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "Digest": "sha1:63d65762ed8ded0c65362a1b04e4245d6ab9f170" }, { "ID": "aioitertools@0.13.0", "Name": "aioitertools", "Identifier": { "PURL": "pkg:pypi/aioitertools@0.13.0", "UID": "72b166d3050c63e4", "BOMRef": "pkg:pypi/aioitertools@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/aioitertools-0.13.0.dist-info/METADATA", "Digest": "sha1:110d571c90f132b20fc32b46c28c3c95b1c7aa94" }, { "ID": "aiosignal@1.4.0", "Name": "aiosignal", "Identifier": { "PURL": "pkg:pypi/aiosignal@1.4.0", "UID": "d66659bd15a9b12b", "BOMRef": "pkg:pypi/aiosignal@1.4.0" }, "Version": "1.4.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/aiosignal-1.4.0.dist-info/METADATA", "Digest": "sha1:8752e41cfbbc924405ef6bf9a9ff761cb9a6dbe3" }, { "ID": "annotated-doc@0.0.4", "Name": "annotated-doc", "Identifier": { "PURL": "pkg:pypi/annotated-doc@0.0.4", "UID": "c39e8221ae261c18", "BOMRef": "pkg:pypi/annotated-doc@0.0.4" }, "Version": "0.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/annotated_doc-0.0.4.dist-info/METADATA", "Digest": "sha1:24d32962e4742a901653d9fe5563c40221ddc6fa" }, { "ID": "annotated-types@0.7.0", "Name": "annotated-types", "Identifier": { "PURL": "pkg:pypi/annotated-types@0.7.0", "UID": "7ca5ea74a185dca3", "BOMRef": "pkg:pypi/annotated-types@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/annotated_types-0.7.0.dist-info/METADATA", "Digest": "sha1:b11011181822ac765c9f66c8aa42c26952de6a96" }, { "ID": "anthropic@0.54.0", "Name": "anthropic", "Identifier": { "PURL": "pkg:pypi/anthropic@0.54.0", "UID": "b1d478e56dd19f7", "BOMRef": "pkg:pypi/anthropic@0.54.0" }, "Version": "0.54.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/anthropic-0.54.0.dist-info/METADATA", "Digest": "sha1:7f700d1b4730958f468871fb28a2f4d416f8ed20" }, { "ID": "anyio@4.8.0", "Name": "anyio", "Identifier": { "PURL": "pkg:pypi/anyio@4.8.0", "UID": "f58a4ef3e9a2df20", "BOMRef": "pkg:pypi/anyio@4.8.0" }, "Version": "4.8.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/anyio-4.8.0.dist-info/METADATA", "Digest": "sha1:12b3a6bb5ce68bac1fe5abd01d80d367c0688db2" }, { "ID": "async-generator@1.10", "Name": "async-generator", "Identifier": { "PURL": "pkg:pypi/async-generator@1.10", "UID": "b9226df36c1a9bf6", "BOMRef": "pkg:pypi/async-generator@1.10" }, "Version": "1.10", "Licenses": [ "MIT", "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/async_generator-1.10.dist-info/METADATA", "Digest": "sha1:f4fa19d3f3bef3e3604acc54b00e8b8c50ad31c0" }, { "ID": "attrs@25.4.0", "Name": "attrs", "Identifier": { "PURL": "pkg:pypi/attrs@25.4.0", "UID": "35471539cadc098c", "BOMRef": "pkg:pypi/attrs@25.4.0" }, "Version": "25.4.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/attrs-25.4.0.dist-info/METADATA", "Digest": "sha1:9e593ab8f12d14d819a81ca9c41b9df0b4864a59" }, { "ID": "aurelio-sdk@0.0.19", "Name": "aurelio-sdk", "Identifier": { "PURL": "pkg:pypi/aurelio-sdk@0.0.19", "UID": "321cf1eb48e98f5d", "BOMRef": "pkg:pypi/aurelio-sdk@0.0.19" }, "Version": "0.0.19", "Layer": { "Digest": "sha256:9a4a729c0b222d2212f4ea8bf0462e3cebcd65e3c141f4b22053622688425fe3", "DiffID": "sha256:f92d2dc25a7bdb92619313314b07ccddcd01b16b11e501afc0b9cd99c7c8a5b9" }, "FilePath": "usr/lib/python3.13/site-packages/aurelio_sdk-0.0.19.dist-info/METADATA", "Digest": "sha1:bfe4c91a1633b0aa53f4fd1c5bd9f0e22eedfb7a" }, { "ID": "azure-ai-contentsafety@1.0.0", "Name": "azure-ai-contentsafety", "Identifier": { "PURL": "pkg:pypi/azure-ai-contentsafety@1.0.0", "UID": "6a94a57de6ba4561", "BOMRef": "pkg:pypi/azure-ai-contentsafety@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_ai_contentsafety-1.0.0.dist-info/METADATA", "Digest": "sha1:45cc94c9f0a17e313b00a13f7b0f9682654e0feb" }, { "ID": "azure-core@1.38.2", "Name": "azure-core", "Identifier": { "PURL": "pkg:pypi/azure-core@1.38.2", "UID": "b0e0bb985d1af762", "BOMRef": "pkg:pypi/azure-core@1.38.2" }, "Version": "1.38.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_core-1.38.2.dist-info/METADATA", "Digest": "sha1:ed537c8e4239709c13f2010e79c9e95dfa85046b" }, { "ID": "azure-identity@1.16.1", "Name": "azure-identity", "Identifier": { "PURL": "pkg:pypi/azure-identity@1.16.1", "UID": "299b63b9f2156bd7", "BOMRef": "pkg:pypi/azure-identity@1.16.1" }, "Version": "1.16.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_identity-1.16.1.dist-info/METADATA", "Digest": "sha1:68fdde1864f6c107e1306f736d9b5fefa2acf3a1" }, { "ID": "azure-keyvault@4.2.0", "Name": "azure-keyvault", "Identifier": { "PURL": "pkg:pypi/azure-keyvault@4.2.0", "UID": "2fb8cec7d9759ae4", "BOMRef": "pkg:pypi/azure-keyvault@4.2.0" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_keyvault-4.2.0.dist-info/METADATA", "Digest": "sha1:5da0d813613844740604dfa0c820222a54853a3a" }, { "ID": "azure-keyvault-certificates@4.10.0", "Name": "azure-keyvault-certificates", "Identifier": { "PURL": "pkg:pypi/azure-keyvault-certificates@4.10.0", "UID": "ca1a62574527a53d", "BOMRef": "pkg:pypi/azure-keyvault-certificates@4.10.0" }, "Version": "4.10.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_keyvault_certificates-4.10.0.dist-info/METADATA", "Digest": "sha1:8227ff63178e8f5a07e66f234d8c296b189f855b" }, { "ID": "azure-keyvault-keys@4.11.0", "Name": "azure-keyvault-keys", "Identifier": { "PURL": "pkg:pypi/azure-keyvault-keys@4.11.0", "UID": "93d60e081d626e82", "BOMRef": "pkg:pypi/azure-keyvault-keys@4.11.0" }, "Version": "4.11.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_keyvault_keys-4.11.0.dist-info/METADATA", "Digest": "sha1:61e25dca1cb98e731337b756f4e1bb129413c496" }, { "ID": "azure-keyvault-secrets@4.10.0", "Name": "azure-keyvault-secrets", "Identifier": { "PURL": "pkg:pypi/azure-keyvault-secrets@4.10.0", "UID": "c166869ef72d3d", "BOMRef": "pkg:pypi/azure-keyvault-secrets@4.10.0" }, "Version": "4.10.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_keyvault_secrets-4.10.0.dist-info/METADATA", "Digest": "sha1:5a8061494c1c50c49fa47eace47c117fe193a0b4" }, { "ID": "azure-storage-blob@12.28.0", "Name": "azure-storage-blob", "Identifier": { "PURL": "pkg:pypi/azure-storage-blob@12.28.0", "UID": "39a620f46dda2c75", "BOMRef": "pkg:pypi/azure-storage-blob@12.28.0" }, "Version": "12.28.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_storage_blob-12.28.0.dist-info/METADATA", "Digest": "sha1:20e7abbd2536ed3374cf440f144cf9ca5c0fb098" }, { "ID": "azure-storage-file-datalake@12.20.0", "Name": "azure-storage-file-datalake", "Identifier": { "PURL": "pkg:pypi/azure-storage-file-datalake@12.20.0", "UID": "b006fcc030af316f", "BOMRef": "pkg:pypi/azure-storage-file-datalake@12.20.0" }, "Version": "12.20.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/azure_storage_file_datalake-12.20.0.dist-info/METADATA", "Digest": "sha1:cc8ebe204539019788e04a26f2510c35575928c2" }, { "ID": "backoff@2.2.1", "Name": "backoff", "Identifier": { "PURL": "pkg:pypi/backoff@2.2.1", "UID": "35ec662ae0d8da04", "BOMRef": "pkg:pypi/backoff@2.2.1" }, "Version": "2.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/backoff-2.2.1.dist-info/METADATA", "Digest": "sha1:ea8b96e2947c9fed16b9c4075c30113fe09fac98" }, { "ID": "boto3@1.40.53", "Name": "boto3", "Identifier": { "PURL": "pkg:pypi/boto3@1.40.53", "UID": "9f78971193c01ef", "BOMRef": "pkg:pypi/boto3@1.40.53" }, "Version": "1.40.53", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/boto3-1.40.53.dist-info/METADATA", "Digest": "sha1:c3cd02ceff510cd405a1b3690f7bf4d54939faf8" }, { "ID": "botocore@1.40.61", "Name": "botocore", "Identifier": { "PURL": "pkg:pypi/botocore@1.40.61", "UID": "4f63aa5a91adca3b", "BOMRef": "pkg:pypi/botocore@1.40.61" }, "Version": "1.40.61", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/botocore-1.40.61.dist-info/METADATA", "Digest": "sha1:c384355d82af3168472f016558ed2f2e1c77cb85" }, { "ID": "bytecode@0.17.0", "Name": "bytecode", "Identifier": { "PURL": "pkg:pypi/bytecode@0.17.0", "UID": "ae34231ffa9f6494", "BOMRef": "pkg:pypi/bytecode@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/bytecode-0.17.0.dist-info/METADATA", "Digest": "sha1:65fc4772a46510a0f6186e951e866f5e306a8122" }, { "ID": "certifi@2026.2.25", "Name": "certifi", "Identifier": { "PURL": "pkg:pypi/certifi@2026.2.25", "UID": "a874f20a6fc2bc5c", "BOMRef": "pkg:pypi/certifi@2026.2.25" }, "Version": "2026.2.25", "Licenses": [ "MPL-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/certifi-2026.2.25.dist-info/METADATA", "Digest": "sha1:3aeccd85ea183a5ce98317741cad21a5c0a440ca" }, { "ID": "cffi@2.0.0", "Name": "cffi", "Identifier": { "PURL": "pkg:pypi/cffi@2.0.0", "UID": "e22261a003f54cc1", "BOMRef": "pkg:pypi/cffi@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/cffi-2.0.0.dist-info/METADATA", "Digest": "sha1:87e9c9d276c4f4c31f5a314d6a5472f45655674c" }, { "ID": "charset-normalizer@3.4.4", "Name": "charset-normalizer", "Identifier": { "PURL": "pkg:pypi/charset-normalizer@3.4.4", "UID": "6e1f4100957f0994", "BOMRef": "pkg:pypi/charset-normalizer@3.4.4" }, "Version": "3.4.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/charset_normalizer-3.4.4.dist-info/METADATA", "Digest": "sha1:b4512da50486c7909da3992f8d8b67052b9fc03e" }, { "ID": "click@8.1.7", "Name": "click", "Identifier": { "PURL": "pkg:pypi/click@8.1.7", "UID": "7ae22718dd24899f", "BOMRef": "pkg:pypi/click@8.1.7" }, "Version": "8.1.7", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/click-8.1.7.dist-info/METADATA", "Digest": "sha1:5c33361d71534572b6d2d3edd15ac9bad78b59c6" }, { "ID": "coloredlogs@15.0.1", "Name": "coloredlogs", "Identifier": { "PURL": "pkg:pypi/coloredlogs@15.0.1", "UID": "a2111aab511a9d3", "BOMRef": "pkg:pypi/coloredlogs@15.0.1" }, "Version": "15.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/coloredlogs-15.0.1.dist-info/METADATA", "Digest": "sha1:79d72bae2e23b677e384dedda06c6e922912aac1" }, { "ID": "colorlog@6.10.1", "Name": "colorlog", "Identifier": { "PURL": "pkg:pypi/colorlog@6.10.1", "UID": "beea8d5fa434225e", "BOMRef": "pkg:pypi/colorlog@6.10.1" }, "Version": "6.10.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:9a4a729c0b222d2212f4ea8bf0462e3cebcd65e3c141f4b22053622688425fe3", "DiffID": "sha256:f92d2dc25a7bdb92619313314b07ccddcd01b16b11e501afc0b9cd99c7c8a5b9" }, "FilePath": "usr/lib/python3.13/site-packages/colorlog-6.10.1.dist-info/METADATA", "Digest": "sha1:1e483d118fd419ad747606c4077726b5c4eb324e" }, { "ID": "cryptography@46.0.5", "Name": "cryptography", "Identifier": { "PURL": "pkg:pypi/cryptography@46.0.5", "UID": "e0ef37e1a2b28fbe", "BOMRef": "pkg:pypi/cryptography@46.0.5" }, "Version": "46.0.5", "Licenses": [ "Apache-2.0 OR BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/cryptography-46.0.5.dist-info/METADATA", "Digest": "sha1:bb40494ca8c495e6edf1214d419d44d57ad11f23" }, { "ID": "ddtrace@2.19.0", "Name": "ddtrace", "Identifier": { "PURL": "pkg:pypi/ddtrace@2.19.0", "UID": "d3e7bc67ca1d1a01", "BOMRef": "pkg:pypi/ddtrace@2.19.0" }, "Version": "2.19.0", "Licenses": [ "LICENSE.BSD3" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/ddtrace-2.19.0.dist-info/METADATA", "Digest": "sha1:2ebcd7579775a117bf5f63f482aaee4629f69fe4" }, { "ID": "detect-secrets@1.5.0", "Name": "detect-secrets", "Identifier": { "PURL": "pkg:pypi/detect-secrets@1.5.0", "UID": "4398ec610a26b60a", "BOMRef": "pkg:pypi/detect-secrets@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/detect_secrets-1.5.0.dist-info/METADATA", "Digest": "sha1:7d1969bbb2f0319f127b480fe77211aa27750fe0" }, { "ID": "distro@1.9.0", "Name": "distro", "Identifier": { "PURL": "pkg:pypi/distro@1.9.0", "UID": "2c2f1f532d83ef94", "BOMRef": "pkg:pypi/distro@1.9.0" }, "Version": "1.9.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/distro-1.9.0.dist-info/METADATA", "Digest": "sha1:ce14620cf14e15a64d2ff574796543f99619e7f3" }, { "ID": "dnspython@2.8.0", "Name": "dnspython", "Identifier": { "PURL": "pkg:pypi/dnspython@2.8.0", "UID": "7b562bebb1018ab0", "BOMRef": "pkg:pypi/dnspython@2.8.0" }, "Version": "2.8.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/dnspython-2.8.0.dist-info/METADATA", "Digest": "sha1:360d6b80b919fa0fc9e41d101229c937531c4eae" }, { "ID": "docstring_parser@0.17.0", "Name": "docstring_parser", "Identifier": { "PURL": "pkg:pypi/docstring-parser@0.17.0", "UID": "4b6e3fc972cb8355", "BOMRef": "pkg:pypi/docstring-parser@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/docstring_parser-0.17.0.dist-info/METADATA", "Digest": "sha1:323acb9780928a71e223759cfc8be2793bec7072" }, { "ID": "email-validator@2.3.0", "Name": "email-validator", "Identifier": { "PURL": "pkg:pypi/email-validator@2.3.0", "UID": "95ec0a1f421b71d5", "BOMRef": "pkg:pypi/email-validator@2.3.0" }, "Version": "2.3.0", "Licenses": [ "Unlicense" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/email_validator-2.3.0.dist-info/METADATA", "Digest": "sha1:8142c15247202bec284e8950c96b7f43b35ca5bc" }, { "ID": "envier@0.6.1", "Name": "envier", "Identifier": { "PURL": "pkg:pypi/envier@0.6.1", "UID": "3a4764539e74c5c1", "BOMRef": "pkg:pypi/envier@0.6.1" }, "Version": "0.6.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/envier-0.6.1.dist-info/METADATA", "Digest": "sha1:ecb20fe2699b6e8934bacad17926b535edc4ec40" }, { "ID": "fastapi@0.120.1", "Name": "fastapi", "Identifier": { "PURL": "pkg:pypi/fastapi@0.120.1", "UID": "c13623eb40f55bb5", "BOMRef": "pkg:pypi/fastapi@0.120.1" }, "Version": "0.120.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/fastapi-0.120.1.dist-info/METADATA", "Digest": "sha1:dea486b90696587ab48cbda958327ec048f93eb3" }, { "ID": "fastapi-sso@0.19.0", "Name": "fastapi-sso", "Identifier": { "PURL": "pkg:pypi/fastapi-sso@0.19.0", "UID": "a63650d27b6ccb82", "BOMRef": "pkg:pypi/fastapi-sso@0.19.0" }, "Version": "0.19.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/fastapi_sso-0.19.0.dist-info/METADATA", "Digest": "sha1:f08f145ee8c7c5c113436e3ba3fb8f1081e8a6fc" }, { "ID": "fastuuid@0.13.5", "Name": "fastuuid", "Identifier": { "PURL": "pkg:pypi/fastuuid@0.13.5", "UID": "15f2b6e009a06b34", "BOMRef": "pkg:pypi/fastuuid@0.13.5" }, "Version": "0.13.5", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/fastuuid-0.13.5.dist-info/METADATA", "Digest": "sha1:589a21152a88244902586741669f828037c88a4f" }, { "ID": "filelock@3.24.3", "Name": "filelock", "Identifier": { "PURL": "pkg:pypi/filelock@3.24.3", "UID": "5c301d6e96e939ee", "BOMRef": "pkg:pypi/filelock@3.24.3" }, "Version": "3.24.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/filelock-3.24.3.dist-info/METADATA", "Digest": "sha1:6c9686f542a1ba8f10bad8e5ba9b13c5f18a97a7" }, { "ID": "frozenlist@1.8.0", "Name": "frozenlist", "Identifier": { "PURL": "pkg:pypi/frozenlist@1.8.0", "UID": "796c9710f68160aa", "BOMRef": "pkg:pypi/frozenlist@1.8.0" }, "Version": "1.8.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/frozenlist-1.8.0.dist-info/METADATA", "Digest": "sha1:4a37873aab1c5eaffcecd2aa93be12e9e4b2a19c" }, { "ID": "fsspec@2026.2.0", "Name": "fsspec", "Identifier": { "PURL": "pkg:pypi/fsspec@2026.2.0", "UID": "7ac780d78c067db7", "BOMRef": "pkg:pypi/fsspec@2026.2.0" }, "Version": "2026.2.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/fsspec-2026.2.0.dist-info/METADATA", "Digest": "sha1:cd54bba9ec98bc422bda0b342e83ea43099aa174" }, { "ID": "google-api-core@2.30.0", "Name": "google-api-core", "Identifier": { "PURL": "pkg:pypi/google-api-core@2.30.0", "UID": "c7f2864e1c08d49a", "BOMRef": "pkg:pypi/google-api-core@2.30.0" }, "Version": "2.30.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_api_core-2.30.0.dist-info/METADATA", "Digest": "sha1:824f9344ce88f9566c9d9173847e9ea97143d293" }, { "ID": "google-auth@2.48.0", "Name": "google-auth", "Identifier": { "PURL": "pkg:pypi/google-auth@2.48.0", "UID": "75855f68e103deab", "BOMRef": "pkg:pypi/google-auth@2.48.0" }, "Version": "2.48.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_auth-2.48.0.dist-info/METADATA", "Digest": "sha1:fd3435e29361652b2f4e7fd3e2297c149025e051" }, { "ID": "google-cloud-aiplatform@1.133.0", "Name": "google-cloud-aiplatform", "Identifier": { "PURL": "pkg:pypi/google-cloud-aiplatform@1.133.0", "UID": "e255061cd9f49edd", "BOMRef": "pkg:pypi/google-cloud-aiplatform@1.133.0" }, "Version": "1.133.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_aiplatform-1.133.0.dist-info/METADATA", "Digest": "sha1:23483b425b0649936a17defd0158d0f6c03ca503" }, { "ID": "google-cloud-bigquery@3.40.1", "Name": "google-cloud-bigquery", "Identifier": { "PURL": "pkg:pypi/google-cloud-bigquery@3.40.1", "UID": "3f1d36a55bc62f5a", "BOMRef": "pkg:pypi/google-cloud-bigquery@3.40.1" }, "Version": "3.40.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_bigquery-3.40.1.dist-info/METADATA", "Digest": "sha1:ce2316758a0520c903eb5522d5cf1f39c2c7aa0b" }, { "ID": "google-cloud-core@2.5.0", "Name": "google-cloud-core", "Identifier": { "PURL": "pkg:pypi/google-cloud-core@2.5.0", "UID": "b7455836a2ba6cf8", "BOMRef": "pkg:pypi/google-cloud-core@2.5.0" }, "Version": "2.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_core-2.5.0.dist-info/METADATA", "Digest": "sha1:2353786cf89c5a50fc3a68db6736b632754e1b76" }, { "ID": "google-cloud-iam@2.19.1", "Name": "google-cloud-iam", "Identifier": { "PURL": "pkg:pypi/google-cloud-iam@2.19.1", "UID": "b5aefde917b7cf82", "BOMRef": "pkg:pypi/google-cloud-iam@2.19.1" }, "Version": "2.19.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_iam-2.19.1.dist-info/METADATA", "Digest": "sha1:28391d5c4dd89160b13ec2ef8c597d3164c4c91a" }, { "ID": "google-cloud-resource-manager@1.16.0", "Name": "google-cloud-resource-manager", "Identifier": { "PURL": "pkg:pypi/google-cloud-resource-manager@1.16.0", "UID": "fa163700d448fc06", "BOMRef": "pkg:pypi/google-cloud-resource-manager@1.16.0" }, "Version": "1.16.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_resource_manager-1.16.0.dist-info/METADATA", "Digest": "sha1:94bdb211cfd6933e89c9e8f1833e3fcb28caae26" }, { "ID": "google-cloud-storage@3.9.0", "Name": "google-cloud-storage", "Identifier": { "PURL": "pkg:pypi/google-cloud-storage@3.9.0", "UID": "dde1c3cb1cb622f3", "BOMRef": "pkg:pypi/google-cloud-storage@3.9.0" }, "Version": "3.9.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_storage-3.9.0.dist-info/METADATA", "Digest": "sha1:08b50a67c834baff46cb246b9b9d9d6c90ad3a65" }, { "ID": "google-crc32c@1.8.0", "Name": "google-crc32c", "Identifier": { "PURL": "pkg:pypi/google-crc32c@1.8.0", "UID": "68357da8e2d992e1", "BOMRef": "pkg:pypi/google-crc32c@1.8.0" }, "Version": "1.8.0", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_crc32c-1.8.0.dist-info/METADATA", "Digest": "sha1:740ce2636255b7035fbcef210995df5b4484e1b3" }, { "ID": "google-genai@1.37.0", "Name": "google-genai", "Identifier": { "PURL": "pkg:pypi/google-genai@1.37.0", "UID": "21f447801567aa11", "BOMRef": "pkg:pypi/google-genai@1.37.0" }, "Version": "1.37.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_genai-1.37.0.dist-info/METADATA", "Digest": "sha1:3399706a56fa0d50853cb580a1e032f80a3d4654" }, { "ID": "google-resumable-media@2.8.0", "Name": "google-resumable-media", "Identifier": { "PURL": "pkg:pypi/google-resumable-media@2.8.0", "UID": "8c31596e7f06a80", "BOMRef": "pkg:pypi/google-resumable-media@2.8.0" }, "Version": "2.8.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/google_resumable_media-2.8.0.dist-info/METADATA", "Digest": "sha1:a0a8dc418f86589aa080bb59708ed5aee38faacc" }, { "ID": "googleapis-common-protos@1.72.0", "Name": "googleapis-common-protos", "Identifier": { "PURL": "pkg:pypi/googleapis-common-protos@1.72.0", "UID": "18f85982f1d0bb7", "BOMRef": "pkg:pypi/googleapis-common-protos@1.72.0" }, "Version": "1.72.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/googleapis_common_protos-1.72.0.dist-info/METADATA", "Digest": "sha1:78df7b249d5272b19c5adc5c8a9b3b2dee57311c" }, { "ID": "grpc-google-iam-v1@0.14.3", "Name": "grpc-google-iam-v1", "Identifier": { "PURL": "pkg:pypi/grpc-google-iam-v1@0.14.3", "UID": "164102282e50f99a", "BOMRef": "pkg:pypi/grpc-google-iam-v1@0.14.3" }, "Version": "0.14.3", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/grpc_google_iam_v1-0.14.3.dist-info/METADATA", "Digest": "sha1:98adc7e2fe504130f48db8ccb34db6820d396145" }, { "ID": "grpcio@1.78.1", "Name": "grpcio", "Identifier": { "PURL": "pkg:pypi/grpcio@1.78.1", "UID": "1e04de1c1663fe86", "BOMRef": "pkg:pypi/grpcio@1.78.1" }, "Version": "1.78.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/grpcio-1.78.1.dist-info/METADATA", "Digest": "sha1:e9f3ec7472afdf9e994e454aa7519c24fb1ed336" }, { "ID": "grpcio-status@1.71.2", "Name": "grpcio-status", "Identifier": { "PURL": "pkg:pypi/grpcio-status@1.71.2", "UID": "2d9f6b2498458e6e", "BOMRef": "pkg:pypi/grpcio-status@1.71.2" }, "Version": "1.71.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/grpcio_status-1.71.2.dist-info/METADATA", "Digest": "sha1:bd80c647a0df7d5b9bda31af73fa704ff4e50c9f" }, { "ID": "gunicorn@23.0.0", "Name": "gunicorn", "Identifier": { "PURL": "pkg:pypi/gunicorn@23.0.0", "UID": "49942ac3ebbaf97e", "BOMRef": "pkg:pypi/gunicorn@23.0.0" }, "Version": "23.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/gunicorn-23.0.0.dist-info/METADATA", "Digest": "sha1:8de2f53497d5444853a1df1f44ff417831194283" }, { "ID": "h11@0.16.0", "Name": "h11", "Identifier": { "PURL": "pkg:pypi/h11@0.16.0", "UID": "d3172dc7a87389d6", "BOMRef": "pkg:pypi/h11@0.16.0" }, "Version": "0.16.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/h11-0.16.0.dist-info/METADATA", "Digest": "sha1:5d41eddffefef5f6e8ff383a2537e81a38a37807" }, { "ID": "hf-xet@1.3.1", "Name": "hf-xet", "Identifier": { "PURL": "pkg:pypi/hf-xet@1.3.1", "UID": "2fc6f2658785bf12", "BOMRef": "pkg:pypi/hf-xet@1.3.1" }, "Version": "1.3.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/hf_xet-1.3.1.dist-info/METADATA", "Digest": "sha1:8aeac3ee9e1e9f6a584bc261a0d31ce72952f665" }, { "ID": "httpcore@1.0.9", "Name": "httpcore", "Identifier": { "PURL": "pkg:pypi/httpcore@1.0.9", "UID": "1dc2b0c57cdc6d6a", "BOMRef": "pkg:pypi/httpcore@1.0.9" }, "Version": "1.0.9", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/httpcore-1.0.9.dist-info/METADATA", "Digest": "sha1:2981d359ae33f31d339189a9680db85785339a56" }, { "ID": "httpx@0.28.1", "Name": "httpx", "Identifier": { "PURL": "pkg:pypi/httpx@0.28.1", "UID": "4e1c3ecfb4aeecd1", "BOMRef": "pkg:pypi/httpx@0.28.1" }, "Version": "0.28.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/httpx-0.28.1.dist-info/METADATA", "Digest": "sha1:537da7e4f29438278e124e10e02d1a500fe33bcc" }, { "ID": "httpx-sse@0.4.3", "Name": "httpx-sse", "Identifier": { "PURL": "pkg:pypi/httpx-sse@0.4.3", "UID": "450ed70b6338a2b1", "BOMRef": "pkg:pypi/httpx-sse@0.4.3" }, "Version": "0.4.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/httpx_sse-0.4.3.dist-info/METADATA", "Digest": "sha1:df05446be58f0a3a306e50c7ceebef24bb383a6d" }, { "ID": "huggingface_hub@0.36.2", "Name": "huggingface_hub", "Identifier": { "PURL": "pkg:pypi/huggingface-hub@0.36.2", "UID": "a23e778e5ad66843", "BOMRef": "pkg:pypi/huggingface-hub@0.36.2" }, "Version": "0.36.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/huggingface_hub-0.36.2.dist-info/METADATA", "Digest": "sha1:c3fb68f58f110a4308ea41f02a48f890697481fe" }, { "ID": "humanfriendly@10.0", "Name": "humanfriendly", "Identifier": { "PURL": "pkg:pypi/humanfriendly@10.0", "UID": "a7d448580f62635e", "BOMRef": "pkg:pypi/humanfriendly@10.0" }, "Version": "10.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/humanfriendly-10.0.dist-info/METADATA", "Digest": "sha1:f29e22413e2b6ed83b0bd7935acd2dbb1d830f40" }, { "ID": "idna@3.11", "Name": "idna", "Identifier": { "PURL": "pkg:pypi/idna@3.11", "UID": "42513b05e1f19445", "BOMRef": "pkg:pypi/idna@3.11" }, "Version": "3.11", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/idna-3.11.dist-info/METADATA", "Digest": "sha1:5e73674d19cce0601253436a2e5544abe09b9bc3" }, { "ID": "importlib-metadata@6.8.0", "Name": "importlib-metadata", "Identifier": { "PURL": "pkg:pypi/importlib-metadata@6.8.0", "UID": "97dc3674fa30677d", "BOMRef": "pkg:pypi/importlib-metadata@6.8.0" }, "Version": "6.8.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/importlib_metadata-6.8.0.dist-info/METADATA", "Digest": "sha1:691851957e4c1cce8fa41d0f23cd83355dbb8756" }, { "ID": "isodate@0.7.2", "Name": "isodate", "Identifier": { "PURL": "pkg:pypi/isodate@0.7.2", "UID": "56437cfe59966559", "BOMRef": "pkg:pypi/isodate@0.7.2" }, "Version": "0.7.2", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/isodate-0.7.2.dist-info/METADATA", "Digest": "sha1:364399ca9e27df70628e3aff9c8b7b1da601f95d" }, { "ID": "jaraco.context@6.1.0", "Name": "jaraco.context", "Identifier": { "PURL": "pkg:pypi/jaraco.context@6.1.0", "UID": "faccd0474ea31ff0", "BOMRef": "pkg:pypi/jaraco.context@6.1.0" }, "Version": "6.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/jaraco_context-6.1.0.dist-info/METADATA", "Digest": "sha1:c1ba70653abadb34b0a0e792b9b7025b6a4d7b3e" }, { "ID": "jiter@0.13.0", "Name": "jiter", "Identifier": { "PURL": "pkg:pypi/jiter@0.13.0", "UID": "7a24ef81ab90dc81", "BOMRef": "pkg:pypi/jiter@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/jiter-0.13.0.dist-info/METADATA", "Digest": "sha1:2a9f923809d4a5bfa70b5c8d13e698904f4eca60" }, { "ID": "jmespath@1.1.0", "Name": "jmespath", "Identifier": { "PURL": "pkg:pypi/jmespath@1.1.0", "UID": "fda5de78586f756c", "BOMRef": "pkg:pypi/jmespath@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/jmespath-1.1.0.dist-info/METADATA", "Digest": "sha1:d3f297922cf04b0cc127a18994ad6e6b947f0cc7" }, { "ID": "jsonschema@4.26.0", "Name": "jsonschema", "Identifier": { "PURL": "pkg:pypi/jsonschema@4.26.0", "UID": "13b0e0b59b72dbfa", "BOMRef": "pkg:pypi/jsonschema@4.26.0" }, "Version": "4.26.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/jsonschema-4.26.0.dist-info/METADATA", "Digest": "sha1:94b3d1a46cf55d74e42c401eaf4a4b71c76cee31" }, { "ID": "jsonschema-path@0.3.4", "Name": "jsonschema-path", "Identifier": { "PURL": "pkg:pypi/jsonschema-path@0.3.4", "UID": "556deb33a3b7969b", "BOMRef": "pkg:pypi/jsonschema-path@0.3.4" }, "Version": "0.3.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/jsonschema_path-0.3.4.dist-info/METADATA", "Digest": "sha1:48b69894bc45f3344dbe1daa7be14933b12db09a" }, { "ID": "jsonschema-specifications@2025.9.1", "Name": "jsonschema-specifications", "Identifier": { "PURL": "pkg:pypi/jsonschema-specifications@2025.9.1", "UID": "d7c0d9c5dc62f473", "BOMRef": "pkg:pypi/jsonschema-specifications@2025.9.1" }, "Version": "2025.9.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/jsonschema_specifications-2025.9.1.dist-info/METADATA", "Digest": "sha1:ac33f477be9d3336ae67bc454f68a9ff39c91cf3" }, { "ID": "langfuse@2.59.7", "Name": "langfuse", "Identifier": { "PURL": "pkg:pypi/langfuse@2.59.7", "UID": "76eac4a2e777b5d6", "BOMRef": "pkg:pypi/langfuse@2.59.7" }, "Version": "2.59.7", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/langfuse-2.59.7.dist-info/METADATA", "Digest": "sha1:64b00766ce586ee8bc229e1d1c519bbbaccf82af" }, { "ID": "lazy-object-proxy@1.12.0", "Name": "lazy-object-proxy", "Identifier": { "PURL": "pkg:pypi/lazy-object-proxy@1.12.0", "UID": "4c1ad34267be926b", "BOMRef": "pkg:pypi/lazy-object-proxy@1.12.0" }, "Version": "1.12.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/lazy_object_proxy-1.12.0.dist-info/METADATA", "Digest": "sha1:68e349fa87b22a25e3af674e29698bb08d37a074" }, { "ID": "legacy-cgi@2.6.4", "Name": "legacy-cgi", "Identifier": { "PURL": "pkg:pypi/legacy-cgi@2.6.4", "UID": "6fdc6070a9075621", "BOMRef": "pkg:pypi/legacy-cgi@2.6.4" }, "Version": "2.6.4", "Licenses": [ "PSF-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/legacy_cgi-2.6.4.dist-info/METADATA", "Digest": "sha1:23159c15d8f7c3223df17c75f23eb2d59ef58128" }, { "ID": "litellm@1.81.15", "Name": "litellm", "Identifier": { "PURL": "pkg:pypi/litellm@1.81.15", "UID": "a28256b2f6c1f24", "BOMRef": "pkg:pypi/litellm@1.81.15" }, "Version": "1.81.15", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/litellm-1.81.15.dist-info/METADATA", "Digest": "sha1:8ef7d5e32f68cce6d0694c30ffd9f3d5c3c882b3" }, { "ID": "litellm-enterprise@0.1.32", "Name": "litellm-enterprise", "Identifier": { "PURL": "pkg:pypi/litellm-enterprise@0.1.32", "UID": "e648164b93901707", "BOMRef": "pkg:pypi/litellm-enterprise@0.1.32" }, "Version": "0.1.32", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/litellm_enterprise-0.1.32.dist-info/METADATA", "Digest": "sha1:47149694cb58a89bda47e23c5c7a341e04c64bf1" }, { "ID": "litellm-proxy-extras@0.4.47", "Name": "litellm-proxy-extras", "Identifier": { "PURL": "pkg:pypi/litellm-proxy-extras@0.4.47", "UID": "d3aa2926041a8a85", "BOMRef": "pkg:pypi/litellm-proxy-extras@0.4.47" }, "Version": "0.4.47", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/litellm_proxy_extras-0.4.47.dist-info/METADATA", "Digest": "sha1:f676615a300ff4e8dc01a62f0f45bd9ba1a76315" }, { "ID": "llm-sandbox@0.3.31", "Name": "llm-sandbox", "Identifier": { "PURL": "pkg:pypi/llm-sandbox@0.3.31", "UID": "7417536998bb548a", "BOMRef": "pkg:pypi/llm-sandbox@0.3.31" }, "Version": "0.3.31", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/llm_sandbox-0.3.31.dist-info/METADATA", "Digest": "sha1:85bb0474aad9559dff054282fdd4b29a4f92a80e" }, { "ID": "mangum@0.17.0", "Name": "mangum", "Identifier": { "PURL": "pkg:pypi/mangum@0.17.0", "UID": "66a0a261cf5aab17", "BOMRef": "pkg:pypi/mangum@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/mangum-0.17.0.dist-info/METADATA", "Digest": "sha1:0957be909988180dffafaf9c6ef2301be9a0739b" }, { "ID": "markdown-it-py@4.0.0", "Name": "markdown-it-py", "Identifier": { "PURL": "pkg:pypi/markdown-it-py@4.0.0", "UID": "6619664e37136199", "BOMRef": "pkg:pypi/markdown-it-py@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/markdown_it_py-4.0.0.dist-info/METADATA", "Digest": "sha1:0cee543cadd1bdc67e8d1acd6fae8cc419523f4c" }, { "ID": "mcp@1.25.0", "Name": "mcp", "Identifier": { "PURL": "pkg:pypi/mcp@1.25.0", "UID": "f7c9c95c06d6c0e7", "BOMRef": "pkg:pypi/mcp@1.25.0" }, "Version": "1.25.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/mcp-1.25.0.dist-info/METADATA", "Digest": "sha1:c86fd9fb3b07f6b9cb4a3ade6abcc16c1c763399" }, { "ID": "mdurl@0.1.2", "Name": "mdurl", "Identifier": { "PURL": "pkg:pypi/mdurl@0.1.2", "UID": "c5518fe620896af9", "BOMRef": "pkg:pypi/mdurl@0.1.2" }, "Version": "0.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/mdurl-0.1.2.dist-info/METADATA", "Digest": "sha1:cc9d84bf84be59dd90368ea2f5e3a9fae8f0f1b7" }, { "ID": "ml-dtypes@0.4.1", "Name": "ml-dtypes", "Identifier": { "PURL": "pkg:pypi/ml-dtypes@0.4.1", "UID": "39bd721f6e16e60a", "BOMRef": "pkg:pypi/ml-dtypes@0.4.1" }, "Version": "0.4.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/ml_dtypes-0.4.1.dist-info/METADATA", "Digest": "sha1:28e53cadb8495b4a770c99d9392b1c79a14f4c8d" }, { "ID": "more-itertools@10.8.0", "Name": "more-itertools", "Identifier": { "PURL": "pkg:pypi/more-itertools@10.8.0", "UID": "e623df5f30f44870", "BOMRef": "pkg:pypi/more-itertools@10.8.0" }, "Version": "10.8.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/more_itertools-10.8.0.dist-info/METADATA", "Digest": "sha1:55aef894a0f39f280471306f0c5ecf3730ff5863" }, { "ID": "msal@1.35.0", "Name": "msal", "Identifier": { "PURL": "pkg:pypi/msal@1.35.0", "UID": "de8dc9140937815e", "BOMRef": "pkg:pypi/msal@1.35.0" }, "Version": "1.35.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/msal-1.35.0.dist-info/METADATA", "Digest": "sha1:6609547c107ac680d84209dbe02045ceb3ac1476" }, { "ID": "msal-extensions@1.3.1", "Name": "msal-extensions", "Identifier": { "PURL": "pkg:pypi/msal-extensions@1.3.1", "UID": "daa994f8b3659b63", "BOMRef": "pkg:pypi/msal-extensions@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/msal_extensions-1.3.1.dist-info/METADATA", "Digest": "sha1:41015e491016a80539109491a22adb22f7c7dddd" }, { "ID": "multidict@6.7.1", "Name": "multidict", "Identifier": { "PURL": "pkg:pypi/multidict@6.7.1", "UID": "69fd5742a12e96d4", "BOMRef": "pkg:pypi/multidict@6.7.1" }, "Version": "6.7.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/multidict-6.7.1.dist-info/METADATA", "Digest": "sha1:216b572c03dd786e9e08cb0ed5e833a9ec0fd494" }, { "ID": "nodeenv@1.10.0", "Name": "nodeenv", "Identifier": { "PURL": "pkg:pypi/nodeenv@1.10.0", "UID": "da5c45953a1d2254", "BOMRef": "pkg:pypi/nodeenv@1.10.0" }, "Version": "1.10.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodeenv-1.10.0.dist-info/METADATA", "Digest": "sha1:1b29a746e209117735cc705714358dbf9e858eb4" }, { "ID": "nodejs-wheel-binaries@24.13.1", "Name": "nodejs-wheel-binaries", "Identifier": { "PURL": "pkg:pypi/nodejs-wheel-binaries@24.13.1", "UID": "7d69cd75b0c10565", "BOMRef": "pkg:pypi/nodejs-wheel-binaries@24.13.1" }, "Version": "24.13.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel_binaries-24.13.1.dist-info/METADATA", "Digest": "sha1:9ae91a866196ce7d03c5ecaf3c513503bee6933f" }, { "ID": "numpy@2.4.2", "Name": "numpy", "Identifier": { "PURL": "pkg:pypi/numpy@2.4.2", "UID": "662f1e949daf9f27", "BOMRef": "pkg:pypi/numpy@2.4.2" }, "Version": "2.4.2", "Licenses": [ "BSD-3-Clause AND 0BSD AND MIT AND Zlib AND CC0-1.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/numpy-2.4.2.dist-info/METADATA", "Digest": "sha1:f78437e3f7066f0441d6e9a7c34ce6f6a66871a5" }, { "ID": "oauthlib@3.3.1", "Name": "oauthlib", "Identifier": { "PURL": "pkg:pypi/oauthlib@3.3.1", "UID": "423437247dd444e3", "BOMRef": "pkg:pypi/oauthlib@3.3.1" }, "Version": "3.3.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/oauthlib-3.3.1.dist-info/METADATA", "Digest": "sha1:9ba5229bceb66742065501d44c4e07f8b401d4c8" }, { "ID": "openai@2.9.0", "Name": "openai", "Identifier": { "PURL": "pkg:pypi/openai@2.9.0", "UID": "b7a0cbed4f0adcdb", "BOMRef": "pkg:pypi/openai@2.9.0" }, "Version": "2.9.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/openai-2.9.0.dist-info/METADATA", "Digest": "sha1:3a50a52d05f9d1a9114c73731816df78928764c0" }, { "ID": "openapi-core@0.21.0", "Name": "openapi-core", "Identifier": { "PURL": "pkg:pypi/openapi-core@0.21.0", "UID": "b46bc3f5720e08a9", "BOMRef": "pkg:pypi/openapi-core@0.21.0" }, "Version": "0.21.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/openapi_core-0.21.0.dist-info/METADATA", "Digest": "sha1:23d2501e93de078ce5136cd7b4e20a7463c210f4" }, { "ID": "openapi-schema-validator@0.6.3", "Name": "openapi-schema-validator", "Identifier": { "PURL": "pkg:pypi/openapi-schema-validator@0.6.3", "UID": "ef4b7c335007eceb", "BOMRef": "pkg:pypi/openapi-schema-validator@0.6.3" }, "Version": "0.6.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/openapi_schema_validator-0.6.3.dist-info/METADATA", "Digest": "sha1:94ac2dfdccefaac1f8f6efc0ce4e4713274af79f" }, { "ID": "openapi-spec-validator@0.7.2", "Name": "openapi-spec-validator", "Identifier": { "PURL": "pkg:pypi/openapi-spec-validator@0.7.2", "UID": "32f80f86ff68fdc3", "BOMRef": "pkg:pypi/openapi-spec-validator@0.7.2" }, "Version": "0.7.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/openapi_spec_validator-0.7.2.dist-info/METADATA", "Digest": "sha1:3b8226cdb965b31b940c1bfaba9d0b337cc0c8f8" }, { "ID": "opentelemetry-api@1.28.0", "Name": "opentelemetry-api", "Identifier": { "PURL": "pkg:pypi/opentelemetry-api@1.28.0", "UID": "d28808f0e57d15f1", "BOMRef": "pkg:pypi/opentelemetry-api@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_api-1.28.0.dist-info/METADATA", "Digest": "sha1:fa7a37347c7a77b570878666db0821d85e58a470" }, { "ID": "opentelemetry-exporter-otlp@1.28.0", "Name": "opentelemetry-exporter-otlp", "Identifier": { "PURL": "pkg:pypi/opentelemetry-exporter-otlp@1.28.0", "UID": "99bda5bb75747991", "BOMRef": "pkg:pypi/opentelemetry-exporter-otlp@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_exporter_otlp-1.28.0.dist-info/METADATA", "Digest": "sha1:02d9d528c93b4a483c217803ff2b5b14dff509ef" }, { "ID": "opentelemetry-exporter-otlp-proto-common@1.28.0", "Name": "opentelemetry-exporter-otlp-proto-common", "Identifier": { "PURL": "pkg:pypi/opentelemetry-exporter-otlp-proto-common@1.28.0", "UID": "60c6cf817ae3e37e", "BOMRef": "pkg:pypi/opentelemetry-exporter-otlp-proto-common@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_exporter_otlp_proto_common-1.28.0.dist-info/METADATA", "Digest": "sha1:9b898d5238fd7ac09e303fb6fddbe084603de874" }, { "ID": "opentelemetry-exporter-otlp-proto-grpc@1.28.0", "Name": "opentelemetry-exporter-otlp-proto-grpc", "Identifier": { "PURL": "pkg:pypi/opentelemetry-exporter-otlp-proto-grpc@1.28.0", "UID": "ebbe62da4b4252b0", "BOMRef": "pkg:pypi/opentelemetry-exporter-otlp-proto-grpc@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_exporter_otlp_proto_grpc-1.28.0.dist-info/METADATA", "Digest": "sha1:4d2e1a9be4c683f90b3116732d154d789efb6de5" }, { "ID": "opentelemetry-exporter-otlp-proto-http@1.28.0", "Name": "opentelemetry-exporter-otlp-proto-http", "Identifier": { "PURL": "pkg:pypi/opentelemetry-exporter-otlp-proto-http@1.28.0", "UID": "d113ff9f4ce67ec1", "BOMRef": "pkg:pypi/opentelemetry-exporter-otlp-proto-http@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_exporter_otlp_proto_http-1.28.0.dist-info/METADATA", "Digest": "sha1:f7029b101ac39ca429c16dfbfbd1f67d7da1e28c" }, { "ID": "opentelemetry-proto@1.28.0", "Name": "opentelemetry-proto", "Identifier": { "PURL": "pkg:pypi/opentelemetry-proto@1.28.0", "UID": "f7bd75b29e4486d4", "BOMRef": "pkg:pypi/opentelemetry-proto@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_proto-1.28.0.dist-info/METADATA", "Digest": "sha1:2f4cc88e72c49fd14c43d3160427ec7631e420ba" }, { "ID": "opentelemetry-sdk@1.28.0", "Name": "opentelemetry-sdk", "Identifier": { "PURL": "pkg:pypi/opentelemetry-sdk@1.28.0", "UID": "6868ece0ca639ac3", "BOMRef": "pkg:pypi/opentelemetry-sdk@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_sdk-1.28.0.dist-info/METADATA", "Digest": "sha1:ff78308a4de96861a2b9afbecc1745376f09d82b" }, { "ID": "opentelemetry-semantic-conventions@0.49b0", "Name": "opentelemetry-semantic-conventions", "Identifier": { "PURL": "pkg:pypi/opentelemetry-semantic-conventions@0.49b0", "UID": "7db403581bdbd436", "BOMRef": "pkg:pypi/opentelemetry-semantic-conventions@0.49b0" }, "Version": "0.49b0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_semantic_conventions-0.49b0.dist-info/METADATA", "Digest": "sha1:2389733e201fd7a0ec508bbc2f1e32a23488c45e" }, { "ID": "orjson@3.11.7", "Name": "orjson", "Identifier": { "PURL": "pkg:pypi/orjson@3.11.7", "UID": "8c44b8a169282407", "BOMRef": "pkg:pypi/orjson@3.11.7" }, "Version": "3.11.7", "Licenses": [ "MPL-2.0 AND (Apache-2.0 OR MIT)" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/orjson-3.11.7.dist-info/METADATA", "Digest": "sha1:2b55fc97cbe074ef19ee5b25d2ae0613276e259e" }, { "ID": "packaging@24.2", "Name": "packaging", "Identifier": { "PURL": "pkg:pypi/packaging@24.2", "UID": "75945cad4a263201", "BOMRef": "pkg:pypi/packaging@24.2" }, "Version": "24.2", "Licenses": [ "Apache-2.0", "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/packaging-24.2.dist-info/METADATA", "Digest": "sha1:292b8d19cdc308e072817b6407cac3cb5175a060" }, { "ID": "pathable@0.4.4", "Name": "pathable", "Identifier": { "PURL": "pkg:pypi/pathable@0.4.4", "UID": "501d6d2c155ac850", "BOMRef": "pkg:pypi/pathable@0.4.4" }, "Version": "0.4.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pathable-0.4.4.dist-info/METADATA", "Digest": "sha1:866e61605d29a563f1cdd110899065ddb5f2f482" }, { "ID": "pillow@12.1.1", "Name": "pillow", "Identifier": { "PURL": "pkg:pypi/pillow@12.1.1", "UID": "c970035d0533382c", "BOMRef": "pkg:pypi/pillow@12.1.1" }, "Version": "12.1.1", "Licenses": [ "MIT-CMU" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pillow-12.1.1.dist-info/METADATA", "Digest": "sha1:8ede85617f65f1bcb1404d13c86a40e01897a9b1" }, { "ID": "polars@1.31.0", "Name": "polars", "Identifier": { "PURL": "pkg:pypi/polars@1.31.0", "UID": "8eb661a25fd2cfb6", "BOMRef": "pkg:pypi/polars@1.31.0" }, "Version": "1.31.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/polars-1.31.0.dist-info/METADATA", "Digest": "sha1:9372c8d51ed35260721b244d0f1432df652171cf" }, { "ID": "prisma@0.11.0", "Name": "prisma", "Identifier": { "PURL": "pkg:pypi/prisma@0.11.0", "UID": "1db33c46cea441f2", "BOMRef": "pkg:pypi/prisma@0.11.0" }, "Version": "0.11.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/prisma-0.11.0.dist-info/METADATA", "Digest": "sha1:fad8c94f4fab264e96c18a22151e04c0cdf411b0" }, { "ID": "prometheus_client@0.20.0", "Name": "prometheus_client", "Identifier": { "PURL": "pkg:pypi/prometheus-client@0.20.0", "UID": "f6181365b9ebbaf5", "BOMRef": "pkg:pypi/prometheus-client@0.20.0" }, "Version": "0.20.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/prometheus_client-0.20.0.dist-info/METADATA", "Digest": "sha1:ca9ab1f552aae8ed12e1084fd9c8347782cb1049" }, { "ID": "propcache@0.4.1", "Name": "propcache", "Identifier": { "PURL": "pkg:pypi/propcache@0.4.1", "UID": "61c2152f97e75810", "BOMRef": "pkg:pypi/propcache@0.4.1" }, "Version": "0.4.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/propcache-0.4.1.dist-info/METADATA", "Digest": "sha1:9b2af7eeab4bcb9bad4ba6d407baa00869b8168c" }, { "ID": "proto-plus@1.27.1", "Name": "proto-plus", "Identifier": { "PURL": "pkg:pypi/proto-plus@1.27.1", "UID": "c44fc6918c675d22", "BOMRef": "pkg:pypi/proto-plus@1.27.1" }, "Version": "1.27.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/proto_plus-1.27.1.dist-info/METADATA", "Digest": "sha1:f256867207ef1543010030633cf2f7669c66591c" }, { "ID": "protobuf@5.29.6", "Name": "protobuf", "Identifier": { "PURL": "pkg:pypi/protobuf@5.29.6", "UID": "fd2815f63475d5ff", "BOMRef": "pkg:pypi/protobuf@5.29.6" }, "Version": "5.29.6", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/protobuf-5.29.6.dist-info/METADATA", "Digest": "sha1:f6ba7e2f92bfad0493f3bdc530ecf2398f28d411" }, { "ID": "pyasn1@0.6.2", "Name": "pyasn1", "Identifier": { "PURL": "pkg:pypi/pyasn1@0.6.2", "UID": "59ed395849f7cb21", "BOMRef": "pkg:pypi/pyasn1@0.6.2" }, "Version": "0.6.2", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pyasn1-0.6.2.dist-info/METADATA", "Digest": "sha1:9e49d4b851f49962151f61b10a5d9c65e5b8eade" }, { "ID": "pyasn1_modules@0.4.2", "Name": "pyasn1_modules", "Identifier": { "PURL": "pkg:pypi/pyasn1-modules@0.4.2", "UID": "58f14af74710b4d5", "BOMRef": "pkg:pypi/pyasn1-modules@0.4.2" }, "Version": "0.4.2", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pyasn1_modules-0.4.2.dist-info/METADATA", "Digest": "sha1:ff67c376a06e456e4caa8a256505a2298f5e7141" }, { "ID": "pycparser@3.0", "Name": "pycparser", "Identifier": { "PURL": "pkg:pypi/pycparser@3.0", "UID": "a2951dec6312f4f7", "BOMRef": "pkg:pypi/pycparser@3.0" }, "Version": "3.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pycparser-3.0.dist-info/METADATA", "Digest": "sha1:ec46323dcd4dd2f7742b74b09cc0b030e330e46f" }, { "ID": "pydantic@2.12.5", "Name": "pydantic", "Identifier": { "PURL": "pkg:pypi/pydantic@2.12.5", "UID": "1f0645b6af609342", "BOMRef": "pkg:pypi/pydantic@2.12.5" }, "Version": "2.12.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pydantic-2.12.5.dist-info/METADATA", "Digest": "sha1:83683052da3c86191d3ce41d60fa7f9780cf0478" }, { "ID": "pydantic-settings@2.13.1", "Name": "pydantic-settings", "Identifier": { "PURL": "pkg:pypi/pydantic-settings@2.13.1", "UID": "dcd90eb21d5e840b", "BOMRef": "pkg:pypi/pydantic-settings@2.13.1" }, "Version": "2.13.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pydantic_settings-2.13.1.dist-info/METADATA", "Digest": "sha1:b20e7981819ecb354830015a55fa8bcb098c5687" }, { "ID": "pydantic_core@2.41.5", "Name": "pydantic_core", "Identifier": { "PURL": "pkg:pypi/pydantic-core@2.41.5", "UID": "61258042490ca9d4", "BOMRef": "pkg:pypi/pydantic-core@2.41.5" }, "Version": "2.41.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pydantic_core-2.41.5.dist-info/METADATA", "Digest": "sha1:07d49fc75e0fd822fcc2719c0bbece0049fba67a" }, { "ID": "pypdf@6.7.3", "Name": "pypdf", "Identifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "aed4e2107eb357d2", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "Version": "6.7.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "Digest": "sha1:101bb8b8a2338926646843c8dcd7f25f773fd800" }, { "ID": "python-dateutil@2.9.0.post0", "Name": "python-dateutil", "Identifier": { "PURL": "pkg:pypi/python-dateutil@2.9.0.post0", "UID": "29a6a598028d6324", "BOMRef": "pkg:pypi/python-dateutil@2.9.0.post0" }, "Version": "2.9.0.post0", "Licenses": [ "BSD-3-Clause", "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/python_dateutil-2.9.0.post0.dist-info/METADATA", "Digest": "sha1:7a3c35abd86cd96034d5afb0d4b241dc9e13e6f8" }, { "ID": "python-dotenv@1.0.1", "Name": "python-dotenv", "Identifier": { "PURL": "pkg:pypi/python-dotenv@1.0.1", "UID": "79e208e200b24b15", "BOMRef": "pkg:pypi/python-dotenv@1.0.1" }, "Version": "1.0.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/python_dotenv-1.0.1.dist-info/METADATA", "Digest": "sha1:e0a2e23c662b53538eed76a837fb7ecc9327df7e" }, { "ID": "python-multipart@0.0.22", "Name": "python-multipart", "Identifier": { "PURL": "pkg:pypi/python-multipart@0.0.22", "UID": "c37a3a3c3419e778", "BOMRef": "pkg:pypi/python-multipart@0.0.22" }, "Version": "0.0.22", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/python_multipart-0.0.22.dist-info/METADATA", "Digest": "sha1:f8bfd84700d227e7438d2377ff7c8585ac4e11cd" }, { "ID": "python-ulid@3.1.0", "Name": "python-ulid", "Identifier": { "PURL": "pkg:pypi/python-ulid@3.1.0", "UID": "73b3f85aa6998993", "BOMRef": "pkg:pypi/python-ulid@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/python_ulid-3.1.0.dist-info/METADATA", "Digest": "sha1:4c8b8c9ccc57da11803c277c04fd19bccf8bbe4d" }, { "ID": "pytz@2025.2", "Name": "pytz", "Identifier": { "PURL": "pkg:pypi/pytz@2025.2", "UID": "570316b1bdd1b8ad", "BOMRef": "pkg:pypi/pytz@2025.2" }, "Version": "2025.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/pytz-2025.2.dist-info/METADATA", "Digest": "sha1:db28b063c13ef94fa0f89b36bdc6d66776fe5bd5" }, { "ID": "redis@5.2.1", "Name": "redis", "Identifier": { "PURL": "pkg:pypi/redis@5.2.1", "UID": "b0f73603ab1fd6c", "BOMRef": "pkg:pypi/redis@5.2.1" }, "Version": "5.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/redis-5.2.1.dist-info/METADATA", "Digest": "sha1:27194d5ec4e7a9cda79f44d14513c056aff7d483" }, { "ID": "redisvl@0.4.1", "Name": "redisvl", "Identifier": { "PURL": "pkg:pypi/redisvl@0.4.1", "UID": "5e555561b4ef8fe", "BOMRef": "pkg:pypi/redisvl@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/redisvl-0.4.1.dist-info/METADATA", "Digest": "sha1:5907c76977fda13f87074bb069abf46d89f26435" }, { "ID": "referencing@0.36.2", "Name": "referencing", "Identifier": { "PURL": "pkg:pypi/referencing@0.36.2", "UID": "5410b215cebe6ccf", "BOMRef": "pkg:pypi/referencing@0.36.2" }, "Version": "0.36.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/referencing-0.36.2.dist-info/METADATA", "Digest": "sha1:cf1208e207b8130e0abf63be5c1dac8598fb4049" }, { "ID": "regex@2026.2.19", "Name": "regex", "Identifier": { "PURL": "pkg:pypi/regex@2026.2.19", "UID": "5691224c1c8b6b2b", "BOMRef": "pkg:pypi/regex@2026.2.19" }, "Version": "2026.2.19", "Licenses": [ "Apache-2.0 AND CNRI-Python" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/regex-2026.2.19.dist-info/METADATA", "Digest": "sha1:103e922a073b1f10b32833910020c7b672c805a7" }, { "ID": "requests@2.32.5", "Name": "requests", "Identifier": { "PURL": "pkg:pypi/requests@2.32.5", "UID": "4e43ed6f8bbb8cd0", "BOMRef": "pkg:pypi/requests@2.32.5" }, "Version": "2.32.5", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/requests-2.32.5.dist-info/METADATA", "Digest": "sha1:ca17920e69f3c7103322151275139cf487e4da08" }, { "ID": "requests-toolbelt@1.0.0", "Name": "requests-toolbelt", "Identifier": { "PURL": "pkg:pypi/requests-toolbelt@1.0.0", "UID": "b1cbf2b5d249765d", "BOMRef": "pkg:pypi/requests-toolbelt@1.0.0" }, "Version": "1.0.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:9a4a729c0b222d2212f4ea8bf0462e3cebcd65e3c141f4b22053622688425fe3", "DiffID": "sha256:f92d2dc25a7bdb92619313314b07ccddcd01b16b11e501afc0b9cd99c7c8a5b9" }, "FilePath": "usr/lib/python3.13/site-packages/requests_toolbelt-1.0.0.dist-info/METADATA", "Digest": "sha1:171fbbc84e8b7216e237b702f3fda539ffb1e487" }, { "ID": "rfc3339-validator@0.1.4", "Name": "rfc3339-validator", "Identifier": { "PURL": "pkg:pypi/rfc3339-validator@0.1.4", "UID": "604db56552075ca8", "BOMRef": "pkg:pypi/rfc3339-validator@0.1.4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/rfc3339_validator-0.1.4.dist-info/METADATA", "Digest": "sha1:b8cc2c804bf4cb64b4573a802305f3d0dc7e9a91" }, { "ID": "rich@13.7.1", "Name": "rich", "Identifier": { "PURL": "pkg:pypi/rich@13.7.1", "UID": "92b40be74284e5c2", "BOMRef": "pkg:pypi/rich@13.7.1" }, "Version": "13.7.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/rich-13.7.1.dist-info/METADATA", "Digest": "sha1:bf3cca748ddf06213ddb6911d0b2d437f202533b" }, { "ID": "rpds-py@0.30.0", "Name": "rpds-py", "Identifier": { "PURL": "pkg:pypi/rpds-py@0.30.0", "UID": "5b6ff275df1c745c", "BOMRef": "pkg:pypi/rpds-py@0.30.0" }, "Version": "0.30.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/rpds_py-0.30.0.dist-info/METADATA", "Digest": "sha1:9eef46c842a0ca6229680d7bfc1272958efdcc5a" }, { "ID": "rsa@4.9.1", "Name": "rsa", "Identifier": { "PURL": "pkg:pypi/rsa@4.9.1", "UID": "a269a772b078484e", "BOMRef": "pkg:pypi/rsa@4.9.1" }, "Version": "4.9.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/rsa-4.9.1.dist-info/METADATA", "Digest": "sha1:a2f68fc042a03952873edfefafda03c04787a56f" }, { "ID": "s3transfer@0.14.0", "Name": "s3transfer", "Identifier": { "PURL": "pkg:pypi/s3transfer@0.14.0", "UID": "f7a1a1fe0d0d79fc", "BOMRef": "pkg:pypi/s3transfer@0.14.0" }, "Version": "0.14.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/s3transfer-0.14.0.dist-info/METADATA", "Digest": "sha1:dd9c4cd2d179b27942830646a152d8f484ca7800" }, { "ID": "semantic-router@0.1.11", "Name": "semantic-router", "Identifier": { "PURL": "pkg:pypi/semantic-router@0.1.11", "UID": "dabc155e8b7a5", "BOMRef": "pkg:pypi/semantic-router@0.1.11" }, "Version": "0.1.11", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:9a4a729c0b222d2212f4ea8bf0462e3cebcd65e3c141f4b22053622688425fe3", "DiffID": "sha256:f92d2dc25a7bdb92619313314b07ccddcd01b16b11e501afc0b9cd99c7c8a5b9" }, "FilePath": "usr/lib/python3.13/site-packages/semantic_router-0.1.11.dist-info/METADATA", "Digest": "sha1:7de93f4f62c6d698a4693fb0c0380fdf2d9456a3" }, { "ID": "sentry-sdk@2.21.0", "Name": "sentry-sdk", "Identifier": { "PURL": "pkg:pypi/sentry-sdk@2.21.0", "UID": "42f855ed11693049", "BOMRef": "pkg:pypi/sentry-sdk@2.21.0" }, "Version": "2.21.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/sentry_sdk-2.21.0.dist-info/METADATA", "Digest": "sha1:5af3250fb5606b6a97f62d83513d6010a0d3954f" }, { "ID": "six@1.17.0", "Name": "six", "Identifier": { "PURL": "pkg:pypi/six@1.17.0", "UID": "e45bb15277f1a15e", "BOMRef": "pkg:pypi/six@1.17.0" }, "Version": "1.17.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/six-1.17.0.dist-info/METADATA", "Digest": "sha1:483a26554261f6c839703c0e1183f3ef33ff97f1" }, { "ID": "sniffio@1.3.1", "Name": "sniffio", "Identifier": { "PURL": "pkg:pypi/sniffio@1.3.1", "UID": "9b22d1e486470989", "BOMRef": "pkg:pypi/sniffio@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT", "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/sniffio-1.3.1.dist-info/METADATA", "Digest": "sha1:bc1d7aead770fe23c8d22666b84558edb3686da3" }, { "ID": "soundfile@0.12.1", "Name": "soundfile", "Identifier": { "PURL": "pkg:pypi/soundfile@0.12.1", "UID": "c30811fa56cab871", "BOMRef": "pkg:pypi/soundfile@0.12.1" }, "Version": "0.12.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/soundfile-0.12.1.dist-info/METADATA", "Digest": "sha1:b5ce3ad2ef849be1c4195d05ca730e0f7905e90b" }, { "ID": "sse-starlette@3.2.0", "Name": "sse-starlette", "Identifier": { "PURL": "pkg:pypi/sse-starlette@3.2.0", "UID": "10bd65f89f1780b9", "BOMRef": "pkg:pypi/sse-starlette@3.2.0" }, "Version": "3.2.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/sse_starlette-3.2.0.dist-info/METADATA", "Digest": "sha1:8a6175cd01d1e84f937287b9a9b0879cda2952f8" }, { "ID": "starlette@0.49.1", "Name": "starlette", "Identifier": { "PURL": "pkg:pypi/starlette@0.49.1", "UID": "43beef1206bf4acc", "BOMRef": "pkg:pypi/starlette@0.49.1" }, "Version": "0.49.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/starlette-0.49.1.dist-info/METADATA", "Digest": "sha1:d2dc5927de72d847252d292615f15065928238dc" }, { "ID": "tabulate@0.9.0", "Name": "tabulate", "Identifier": { "PURL": "pkg:pypi/tabulate@0.9.0", "UID": "dacb5f7bed93aa82", "BOMRef": "pkg:pypi/tabulate@0.9.0" }, "Version": "0.9.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tabulate-0.9.0.dist-info/METADATA", "Digest": "sha1:046f2344c8bedde41b94133c1322ae928e80e738" }, { "ID": "tenacity@8.5.0", "Name": "tenacity", "Identifier": { "PURL": "pkg:pypi/tenacity@8.5.0", "UID": "46b74cb29447e223", "BOMRef": "pkg:pypi/tenacity@8.5.0" }, "Version": "8.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tenacity-8.5.0.dist-info/METADATA", "Digest": "sha1:67c962294c30afecad8066ac633a11bd658c5148" }, { "ID": "tiktoken@0.8.0", "Name": "tiktoken", "Identifier": { "PURL": "pkg:pypi/tiktoken@0.8.0", "UID": "ea70b60d62183863", "BOMRef": "pkg:pypi/tiktoken@0.8.0" }, "Version": "0.8.0", "Licenses": [ "MIT License Copyright (c) 2022 OpenAI, Shantanu Jain Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE." ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tiktoken-0.8.0.dist-info/METADATA", "Digest": "sha1:9d84201eb7fb511e2757fbd00150263ff31577b8" }, { "ID": "tokenizers@0.20.2", "Name": "tokenizers", "Identifier": { "PURL": "pkg:pypi/tokenizers@0.20.2", "UID": "11b08b2db5fe1399", "BOMRef": "pkg:pypi/tokenizers@0.20.2" }, "Version": "0.20.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tokenizers-0.20.2.dist-info/METADATA", "Digest": "sha1:86c509fc1d122a9bba1c089e9d38ddd1c56d64cd" }, { "ID": "tomlkit@0.14.0", "Name": "tomlkit", "Identifier": { "PURL": "pkg:pypi/tomlkit@0.14.0", "UID": "bfb9eec4007cc23", "BOMRef": "pkg:pypi/tomlkit@0.14.0" }, "Version": "0.14.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tomlkit-0.14.0.dist-info/METADATA", "Digest": "sha1:7887d40449d9684788cfb76faacc540c0769cac8" }, { "ID": "tornado@6.5.4", "Name": "tornado", "Identifier": { "PURL": "pkg:pypi/tornado@6.5.4", "UID": "3dca0122fe823110", "BOMRef": "pkg:pypi/tornado@6.5.4" }, "Version": "6.5.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tornado-6.5.4.dist-info/METADATA", "Digest": "sha1:a1e2393e5aa6c6bd7c26bfb9b68a31771d14a790" }, { "ID": "tqdm@4.67.3", "Name": "tqdm", "Identifier": { "PURL": "pkg:pypi/tqdm@4.67.3", "UID": "ef509fa7f467b1bd", "BOMRef": "pkg:pypi/tqdm@4.67.3" }, "Version": "4.67.3", "Licenses": [ "MPL-2.0 AND MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tqdm-4.67.3.dist-info/METADATA", "Digest": "sha1:0135af1981d2b0f1326020f991192d869693b873" }, { "ID": "typing-inspection@0.4.2", "Name": "typing-inspection", "Identifier": { "PURL": "pkg:pypi/typing-inspection@0.4.2", "UID": "1d059894474a48c3", "BOMRef": "pkg:pypi/typing-inspection@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/typing_inspection-0.4.2.dist-info/METADATA", "Digest": "sha1:455fdb9c8e246ba02c2a28655287401b62028b60" }, { "ID": "typing_extensions@4.15.0", "Name": "typing_extensions", "Identifier": { "PURL": "pkg:pypi/typing-extensions@4.15.0", "UID": "fd866519ffaa1c1f", "BOMRef": "pkg:pypi/typing-extensions@4.15.0" }, "Version": "4.15.0", "Licenses": [ "PSF-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/typing_extensions-4.15.0.dist-info/METADATA", "Digest": "sha1:c5c2ce18351f8f2ae0f4a6f7c84c523f342010ee" }, { "ID": "tzdata@2025.1", "Name": "tzdata", "Identifier": { "PURL": "pkg:pypi/tzdata@2025.1", "UID": "d84503e9cc484c97", "BOMRef": "pkg:pypi/tzdata@2025.1" }, "Version": "2025.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tzdata-2025.1.dist-info/METADATA", "Digest": "sha1:6e57a2a6ed74712dd41842370b1c12bb8446d4b1" }, { "ID": "tzlocal@5.3.1", "Name": "tzlocal", "Identifier": { "PURL": "pkg:pypi/tzlocal@5.3.1", "UID": "1d307a67d32d0c90", "BOMRef": "pkg:pypi/tzlocal@5.3.1" }, "Version": "5.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/tzlocal-5.3.1.dist-info/METADATA", "Digest": "sha1:fa463c4a745ae9f56544484fb7724eb107786eb4" }, { "ID": "urllib3@2.6.3", "Name": "urllib3", "Identifier": { "PURL": "pkg:pypi/urllib3@2.6.3", "UID": "cfdbb8abe830ea5", "BOMRef": "pkg:pypi/urllib3@2.6.3" }, "Version": "2.6.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/urllib3-2.6.3.dist-info/METADATA", "Digest": "sha1:8e2cd7246c7dce09d4590affab6060ec527397c1" }, { "ID": "uvicorn@0.31.1", "Name": "uvicorn", "Identifier": { "PURL": "pkg:pypi/uvicorn@0.31.1", "UID": "65c1ca3f6fb3bd45", "BOMRef": "pkg:pypi/uvicorn@0.31.1" }, "Version": "0.31.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/uvicorn-0.31.1.dist-info/METADATA", "Digest": "sha1:d229686a1d0f8b25bbb3ca0ab3b5519a37abc2b2" }, { "ID": "uvloop@0.21.0", "Name": "uvloop", "Identifier": { "PURL": "pkg:pypi/uvloop@0.21.0", "UID": "3f6e2f4bdd96fef", "BOMRef": "pkg:pypi/uvloop@0.21.0" }, "Version": "0.21.0", "Licenses": [ "Apache-2.0", "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/uvloop-0.21.0.dist-info/METADATA", "Digest": "sha1:eecfee7932b6d8397d72414b9a42e8b34c4dcbe7" }, { "ID": "websockets@15.0.1", "Name": "websockets", "Identifier": { "PURL": "pkg:pypi/websockets@15.0.1", "UID": "4760b10989ff2a00", "BOMRef": "pkg:pypi/websockets@15.0.1" }, "Version": "15.0.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/websockets-15.0.1.dist-info/METADATA", "Digest": "sha1:7bcef50b72ed117258a503c68d7f5dd194872067" }, { "ID": "wheel@0.46.3", "Name": "wheel", "Identifier": { "PURL": "pkg:pypi/wheel@0.46.3", "UID": "818bb4fddbbb4072", "BOMRef": "pkg:pypi/wheel@0.46.3" }, "Version": "0.46.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/wheel-0.46.3.dist-info/METADATA", "Digest": "sha1:241e26c983f51b16a8c352de6e874712a4b70e52" }, { "ID": "wrapt@1.17.3", "Name": "wrapt", "Identifier": { "PURL": "pkg:pypi/wrapt@1.17.3", "UID": "73b61d455a4edc81", "BOMRef": "pkg:pypi/wrapt@1.17.3" }, "Version": "1.17.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/wrapt-1.17.3.dist-info/METADATA", "Digest": "sha1:dbb2682fa0ce1b88bad298721b69b9263a689653" }, { "ID": "xmltodict@1.0.4", "Name": "xmltodict", "Identifier": { "PURL": "pkg:pypi/xmltodict@1.0.4", "UID": "3e86e78d99babe6e", "BOMRef": "pkg:pypi/xmltodict@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/xmltodict-1.0.4.dist-info/METADATA", "Digest": "sha1:bd19f1f027500e9a68b016cf681821a8c03e34ef" }, { "ID": "yarl@1.22.0", "Name": "yarl", "Identifier": { "PURL": "pkg:pypi/yarl@1.22.0", "UID": "82fd7e96b97646a5", "BOMRef": "pkg:pypi/yarl@1.22.0" }, "Version": "1.22.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/yarl-1.22.0.dist-info/METADATA", "Digest": "sha1:f41ac3bd0464e5ad45fa596ed3de6fc69d98568d" }, { "ID": "zipp@3.23.0", "Name": "zipp", "Identifier": { "PURL": "pkg:pypi/zipp@3.23.0", "UID": "3b7d36e663aa323d", "BOMRef": "pkg:pypi/zipp@3.23.0" }, "Version": "3.23.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "FilePath": "usr/lib/python3.13/site-packages/zipp-3.23.0.dist-info/METADATA", "Digest": "sha1:d7974cc6cd5ace30ae2bf7e89ed458fc7e46a194" } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-32597", "VendorIDs": [ "GHSA-752w-5fwx-jx9f" ], "PkgID": "PyJWT@2.9.0", "PkgName": "PyJWT", "PkgPath": "usr/lib/python3.13/site-packages/PyJWT-2.9.0.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pyjwt@2.9.0", "UID": "3377c1f2090f432d", "BOMRef": "pkg:pypi/pyjwt@2.9.0" }, "InstalledVersion": "2.9.0", "FixedVersion": "2.12.0", "Status": "fixed", "Layer": { "Digest": "sha256:a6cd584003683c40b383156cba389b114643d0015dc4a5396129945e09bbb0e9", "DiffID": "sha256:930dae14c1c45ca0925ed1808f78b4a1618c1042cd14e72c2f8fd24c4e5e461c" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-32597", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:d131734b884eb278bfd56b4e76f920a52392dde00f313e9ec778f4578dc2074a", "Title": "pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation)", "Description": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC. This vulnerability is fixed in 2.12.0.", "Severity": "HIGH", "CweIDs": [ "CWE-345", "CWE-863" ], "VendorSeverity": { "amazon": 2, "ghsa": 3, "redhat": 3, "ubuntu": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-32597", "https://github.com/jpadilla/pyjwt", "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f", "https://nvd.nist.gov/vuln/detail/CVE-2026-32597", "https://ubuntu.com/security/notices/USN-8133-1", "https://www.cve.org/CVERecord?id=CVE-2026-32597" ], "PublishedDate": "2026-03-13T19:55:09.5Z", "LastModifiedDate": "2026-03-19T13:30:29.217Z" }, { "VulnerabilityID": "CVE-2026-4539", "VendorIDs": [ "GHSA-5239-wwwm-4pmq" ], "PkgID": "Pygments@2.19.2", "PkgName": "Pygments", "PkgPath": "usr/lib/python3.13/site-packages/pygments-2.19.2.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pygments@2.19.2", "UID": "82a16a02407b45b", "BOMRef": "pkg:pypi/pygments@2.19.2" }, "InstalledVersion": "2.19.2", "FixedVersion": "2.20.0", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4539", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:ebde05e4d8dcd73a17075046f3361dd78663645fafd33c8dceda93495fbf43d3", "Title": "pygments: Pygments: Denial of Service via inefficient regular expression processing in AdlLexer", "Description": "A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.", "Severity": "LOW", "CweIDs": [ "CWE-400", "CWE-1333" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "V3Score": 3.3, "V40Score": 1.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4539", "https://github.com/pygments/pygments", "https://github.com/pygments/pygments/", "https://github.com/pygments/pygments/commit/24b8aa76c6cd6d70f39c6dd605cce319c98e2ccc", "https://github.com/pygments/pygments/issues/3058", "https://github.com/pygments/pygments/pull/3064", "https://github.com/pygments/pygments/releases/tag/2.20.0", "https://nvd.nist.gov/vuln/detail/CVE-2026-4539", "https://vuldb.com/?ctiid.352327", "https://vuldb.com/?id.352327", "https://vuldb.com/?submit.774685", "https://www.cve.org/CVERecord?id=CVE-2026-4539" ], "PublishedDate": "2026-03-22T06:16:20.913Z", "LastModifiedDate": "2026-03-23T14:31:37.267Z" }, { "VulnerabilityID": "CVE-2026-22815", "VendorIDs": [ "GHSA-w2fm-2cpv-w7v5" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22815", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:e297cb5a8fd78db1e9ad3bb29c1a40a1df63eabccc96ee4b5deb56e6c856a4ab", "Title": "aiohttp: AIOHTTP: Denial of Service via insufficient header/trailer handling", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-770" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-22815", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-w2fm-2cpv-w7v5", "https://nvd.nist.gov/vuln/detail/CVE-2026-22815", "https://www.cve.org/CVERecord?id=CVE-2026-22815" ], "PublishedDate": "2026-04-01T21:16:58.513Z", "LastModifiedDate": "2026-04-04T04:17:11.5Z" }, { "VulnerabilityID": "CVE-2026-34515", "VendorIDs": [ "GHSA-p998-jp59-783m" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34515", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:aa0ff32af4423f451a9b5ca9ffda6e685d476c23cfcad9f23218d016963c6ee4", "Title": "aiohttp: AIOHTTP: Information disclosure via static resource handler on Windows", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may expose information about a NTLMv2 remote path. This issue has been patched in version 3.13.4.", "Severity": "MEDIUM", "CweIDs": [ "CWE-36", "CWE-918" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 6.6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34515", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/0ae2aa076c84573df83fc1fdc39eec0f5862fe3d", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-p998-jp59-783m", "https://nvd.nist.gov/vuln/detail/CVE-2026-34515", "https://www.cve.org/CVERecord?id=CVE-2026-34515" ], "PublishedDate": "2026-04-01T21:16:59.57Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34516", "VendorIDs": [ "GHSA-m5qp-6w8w-w647" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34516", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:866e8a4d5186c80beaf50090938ccce515a3aaa37fd8a0f3288f6eb882018131", "Title": "aiohttp: AIOHTTP: Denial of Service via excessive multipart headers", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, a response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability. This issue has been patched in version 3.13.4.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U", "V40Score": 6.6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34516", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-m5qp-6w8w-w647", "https://nvd.nist.gov/vuln/detail/CVE-2026-34516", "https://www.cve.org/CVERecord?id=CVE-2026-34516" ], "PublishedDate": "2026-04-01T21:16:59.723Z", "LastModifiedDate": "2026-04-04T04:17:20.147Z" }, { "VulnerabilityID": "CVE-2026-34525", "VendorIDs": [ "GHSA-c427-h43c-vf67" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34525", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:e84f570f991af8f81da0073310141adbbe376c44e2bb855e226ffeb8826b2695", "Title": "aiohttp: aiohttp: Security bypass via multiple Host headers", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-444" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N", "V40Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", "V3Score": 5.4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34525", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000", "https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67", "https://nvd.nist.gov/vuln/detail/CVE-2026-34525", "https://www.cve.org/CVERecord?id=CVE-2026-34525" ], "PublishedDate": "2026-04-01T21:17:00.49Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34513", "VendorIDs": [ "GHSA-hcc4-c3v8-rx92" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34513", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:96526097b9e565fbcbf5ef8c916c84641b20edb5fca07d11d43577d13d9175e1", "Title": "aiohttp: AIOHTTP: Denial of Service due to unbounded DNS cache", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34513", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-hcc4-c3v8-rx92", "https://nvd.nist.gov/vuln/detail/CVE-2026-34513", "https://www.cve.org/CVERecord?id=CVE-2026-34513" ], "PublishedDate": "2026-04-01T21:16:59.267Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34514", "VendorIDs": [ "GHSA-2vrm-gr82-f7m5" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34514", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:e702c6a7f468a334f650f8b9550cb73a6231ea5b2f4a9cfd8d21e0428e1a106a", "Title": "aiohttp: AIOHTTP: Header Injection via content_type parameter manipulation", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the content_type parameter in aiohttp could use this to inject extra headers or similar exploits. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-113" ], "VendorSeverity": { "ghsa": 1, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34514", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-2vrm-gr82-f7m5", "https://nvd.nist.gov/vuln/detail/CVE-2026-34514", "https://www.cve.org/CVERecord?id=CVE-2026-34514" ], "PublishedDate": "2026-04-01T21:16:59.417Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34517", "VendorIDs": [ "GHSA-3wq7-rqq7-wx6j" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34517", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:a54f789989605bca58808a5eb74e695bddcaf31106f6193215b12e8ab415dc30", "Title": "aiohttp: AIOHTTP: Denial of Service via large multipart form fields", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire field into memory before checking client_max_size. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34517", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-3wq7-rqq7-wx6j", "https://nvd.nist.gov/vuln/detail/CVE-2026-34517", "https://www.cve.org/CVERecord?id=CVE-2026-34517" ], "PublishedDate": "2026-04-01T21:16:59.87Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34518", "VendorIDs": [ "GHSA-966j-vmvw-g2g9" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34518", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:17f8068b71428244ee87fc4bd501180d108baf2d9105f003b3bb86d35173ad70", "Title": "aiohttp: AIOHTTP: Information disclosure via retained Cookie and Proxy-Authorization headers during redirects", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different origin, aiohttp drops the Authorization header, but retains the Cookie and Proxy-Authorization headers. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-200" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34518", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-966j-vmvw-g2g9", "https://nvd.nist.gov/vuln/detail/CVE-2026-34518", "https://www.cve.org/CVERecord?id=CVE-2026-34518" ], "PublishedDate": "2026-04-01T21:17:00.02Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34519", "VendorIDs": [ "GHSA-mwh4-6h8g-pg8w" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34519", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:c677ff157a1bb25fab314b79823db49eca07785b4ab4ea1dd8c7d70fb78e8fe3", "Title": "aiohttp: aiohttp: Header injection vulnerability via reason parameter", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter when creating a Response may be able to inject extra headers or similar exploits. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-113" ], "VendorSeverity": { "ghsa": 1, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34519", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mwh4-6h8g-pg8w", "https://nvd.nist.gov/vuln/detail/CVE-2026-34519", "https://www.cve.org/CVERecord?id=CVE-2026-34519" ], "PublishedDate": "2026-04-01T21:17:00.17Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34520", "VendorIDs": [ "GHSA-63hf-3vf5-4wqf" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "45f1a6e0731480e", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34520", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:0770c420fed18efd646b9b1025c31ad6b249ef4b7310b4e44012f102049b74b9", "Title": "aiohttp: AIOHTTP: Header injection vulnerability due to improper character handling", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-113" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34520", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-63hf-3vf5-4wqf", "https://nvd.nist.gov/vuln/detail/CVE-2026-34520", "https://www.cve.org/CVERecord?id=CVE-2026-34520" ], "PublishedDate": "2026-04-01T21:17:00.333Z", "LastModifiedDate": "2026-04-04T04:17:20.773Z" }, { "VulnerabilityID": "CVE-2026-34073", "VendorIDs": [ "GHSA-m959-cc7f-wv43" ], "PkgID": "cryptography@46.0.5", "PkgName": "cryptography", "PkgPath": "usr/lib/python3.13/site-packages/cryptography-46.0.5.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/cryptography@46.0.5", "UID": "e0ef37e1a2b28fbe", "BOMRef": "pkg:pypi/cryptography@46.0.5" }, "InstalledVersion": "46.0.5", "FixedVersion": "46.0.6", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34073", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:a0a15bf12f7993f9515806d984f1ae6b5269b33fee66ade32b33b7c56ca46249", "Title": "cryptography: python: Cryptography: Security bypass due to improper DNS name constraint validation", "Description": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the \"peer name\" presented during each validation. Consequently, cryptography would allow a peer named bar.example.com to validate against a wildcard leaf certificate for *.example.com, even if the leaf's parent certificate (or upwards) contained an excluded subtree constraint for bar.example.com. This issue has been patched in version 46.0.6.", "Severity": "LOW", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 1.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34073", "https://github.com/pyca/cryptography", "https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43", "https://nvd.nist.gov/vuln/detail/CVE-2026-34073", "https://www.cve.org/CVERecord?id=CVE-2026-34073" ], "PublishedDate": "2026-03-31T03:15:59.123Z", "LastModifiedDate": "2026-04-01T14:24:02.583Z" }, { "VulnerabilityID": "CVE-2026-35030", "VendorIDs": [ "GHSA-jjhc-v7c2-5hh6" ], "PkgID": "litellm@1.81.15", "PkgName": "litellm", "PkgPath": "usr/lib/python3.13/site-packages/litellm-1.81.15.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/litellm@1.81.15", "UID": "a28256b2f6c1f24", "BOMRef": "pkg:pypi/litellm@1.81.15" }, "InstalledVersion": "1.81.15", "FixedVersion": "1.83.0", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-35030", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:4c271c3bffa665d3dd647bb9e5e819c137940df7766a6d9087242ac625326032", "Title": "LiteLLM: Authentication bypass via OIDC userinfo cache key collision", "Description": "### Impact\n\nWhen JWT authentication is enabled (`enable_jwt_auth: true`), the OIDC userinfo cache uses `token[:20]` as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters.\n\nThis configuration option is not enabled by default. **Most instances are not affected.**\n\nAn unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled.\n\n### Patches\n\nFixed in v1.83.0. The cache key now uses the full hash of the JWT token.\n\n### Workarounds\n\nDisable OIDC userinfo caching by setting the cache TTL to 0, or disable JWT authentication entirely.", "Severity": "CRITICAL", "VendorSeverity": { "ghsa": 4 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N", "V40Score": 9.4 } }, "References": [ "https://github.com/BerriAI/litellm", "https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6" ] }, { "VulnerabilityID": "CVE-2026-35029", "VendorIDs": [ "GHSA-53mr-6c8q-9789" ], "PkgID": "litellm@1.81.15", "PkgName": "litellm", "PkgPath": "usr/lib/python3.13/site-packages/litellm-1.81.15.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/litellm@1.81.15", "UID": "a28256b2f6c1f24", "BOMRef": "pkg:pypi/litellm@1.81.15" }, "InstalledVersion": "1.81.15", "FixedVersion": "1.83.0", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-35029", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:998291311a0674b4f4105004d88662599a63d2d042ac9839247fc197329f39c0", "Title": "LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint", "Description": "### Impact\n\nThe `/config/update endpoint` does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to do the following:\n\n - Modify proxy configuration and environment variables\n - Register custom pass-through endpoint handlers pointing to attacker-controlled Python code, achieving remote code execution\n - Read arbitrary server files by setting UI_LOGO_PATH and fetching via /get_image\n - Take over other priveleged accounts by overwriting UI_USERNAME and UI_PASSWORD environment variables\n\n### Patches\n\nFixed in v1.83.0. The endpoint now requires `proxy_admin` role.\n\n### Workarounds\n\nRestrict API key distribution. There is no configuration-level workaround.", "Severity": "HIGH", "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N", "V40Score": 8.7 } }, "References": [ "https://github.com/BerriAI/litellm", "https://github.com/BerriAI/litellm/security/advisories/GHSA-53mr-6c8q-9789" ] }, { "VulnerabilityID": "CVE-2026-30922", "VendorIDs": [ "GHSA-jr27-m4p2-rc6r" ], "PkgID": "pyasn1@0.6.2", "PkgName": "pyasn1", "PkgPath": "usr/lib/python3.13/site-packages/pyasn1-0.6.2.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pyasn1@0.6.2", "UID": "59ed395849f7cb21", "BOMRef": "pkg:pypi/pyasn1@0.6.2" }, "InstalledVersion": "0.6.2", "FixedVersion": "0.6.3", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-30922", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:c8b01b67777a21a211fe112adb623397adbfa193f38a4aca319365ee454edac6", "Title": "pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion", "Description": "pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the `pyasn1` library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested `SEQUENCE` (`0x30`) or `SET` (`0x31`) tags with \"Indefinite Length\" (`0x80`) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a `RecursionError` or consumes all available memory (OOM), crashing the host application. This is a distinct vulnerability from CVE-2026-23490 (which addressed integer overflows in OID decoding). The fix for CVE-2026-23490 (`MAX_OID_ARC_CONTINUATION_OCTETS`) does not mitigate this recursion issue. Version 0.6.3 fixes this specific issue.", "Severity": "HIGH", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "ghsa": 3, "redhat": 3, "ubuntu": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/20/4", "https://access.redhat.com/security/cve/CVE-2026-30922", "https://github.com/pyasn1/pyasn1", "https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0", "https://github.com/pyasn1/pyasn1/commit/5a49bd1fe93b5b866a1210f6bf0a3924f21572c8", "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.3", "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r", "https://nvd.nist.gov/vuln/detail/CVE-2026-30922", "https://ubuntu.com/security/notices/USN-8129-1", "https://ubuntu.com/security/notices/USN-8134-1", "https://www.cve.org/CVERecord?id=CVE-2026-30922" ], "PublishedDate": "2026-03-18T04:17:18.397Z", "LastModifiedDate": "2026-03-21T01:17:06.36Z" }, { "VulnerabilityID": "CVE-2026-28351", "VendorIDs": [ "GHSA-f2v5-7jq9-h8cg" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "aed4e2107eb357d2", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.7.4", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-28351", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:ac48f2ef3cb60607f6a86d9f0af7c00064a2adca351e02d2134eba250197a03b", "Title": "pypdf: pypdf: Denial of Service via crafted PDF with RunLengthDecode filter", "Description": "pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter. This has been fixed in pypdf 6.7.4. As a workaround, consider applying the changes from PR #3664.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-28351", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/commit/f309c6003746414dc7b5048c19e6d879ff2dc858", "https://github.com/py-pdf/pypdf/pull/3664", "https://github.com/py-pdf/pypdf/releases/tag/6.7.4", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-f2v5-7jq9-h8cg", "https://nvd.nist.gov/vuln/detail/CVE-2026-28351", "https://www.cve.org/CVERecord?id=CVE-2026-28351" ], "PublishedDate": "2026-02-27T21:16:19.177Z", "LastModifiedDate": "2026-03-03T18:36:06.29Z" }, { "VulnerabilityID": "CVE-2026-28804", "VendorIDs": [ "GHSA-9m86-7pmv-2852" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "aed4e2107eb357d2", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.7.5", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-28804", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:c5952a4d82e7840fff25510492a6dce34bb144a6867af4d09cf0ff5e70ef5c48", "Title": "pypdf: pypdf: Denial of Service via crafted PDF with ASCIIHexDecode filter", "Description": "pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-28804", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/commit/648c627d2657447dfb1773412af05a0a5103b98f", "https://github.com/py-pdf/pypdf/pull/3666", "https://github.com/py-pdf/pypdf/releases/tag/6.7.5", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-9m86-7pmv-2852", "https://nvd.nist.gov/vuln/detail/CVE-2026-28804", "https://www.cve.org/CVERecord?id=CVE-2026-28804" ], "PublishedDate": "2026-03-06T07:16:01.22Z", "LastModifiedDate": "2026-03-10T19:39:37.18Z" }, { "VulnerabilityID": "CVE-2026-31826", "VendorIDs": [ "GHSA-hqmh-ppp3-xvm7" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "aed4e2107eb357d2", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.8.0", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31826", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:81625403112b52f962c9611c4094ee3a12ea5254189a0d6b2b3e0bbef46298c6", "Title": "pypdf: pypdf: Denial of Service due to excessive memory consumption via crafted PDF", "Description": "pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. This vulnerability is fixed in 6.8.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 6.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31826", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/commit/3c550b3196adeba1506a26e57c09c09fac75e9aa", "https://github.com/py-pdf/pypdf/pull/3675", "https://github.com/py-pdf/pypdf/releases/tag/6.8.0", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-hqmh-ppp3-xvm7", "https://nvd.nist.gov/vuln/detail/CVE-2026-31826", "https://www.cve.org/CVERecord?id=CVE-2026-31826" ], "PublishedDate": "2026-03-10T22:16:20.483Z", "LastModifiedDate": "2026-03-17T20:52:08.673Z" }, { "VulnerabilityID": "CVE-2026-33123", "VendorIDs": [ "GHSA-qpxp-75px-xjcp" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "aed4e2107eb357d2", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.9.1", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33123", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:51889af92828f06c19679b5b728f2b53ace48b55c79fc20e0fabcbb52bb33b32", "Title": "pypdf: pypdf: Denial of Service due to excessive resource consumption from crafted PDF", "Description": "pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-407" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 5.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 4.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33123", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/pull/3686", "https://github.com/py-pdf/pypdf/releases/tag/6.9.1", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-qpxp-75px-xjcp", "https://nvd.nist.gov/vuln/detail/CVE-2026-33123", "https://www.cve.org/CVERecord?id=CVE-2026-33123" ], "PublishedDate": "2026-03-20T10:16:18.717Z", "LastModifiedDate": "2026-03-23T15:48:01.007Z" }, { "VulnerabilityID": "CVE-2026-33699", "VendorIDs": [ "GHSA-87mj-5ggw-8qc3" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "aed4e2107eb357d2", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.9.2", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33699", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:57aa24bc99c31415a9c5a57bc1cb11b5699510fea029b341f5eb7b33dce258b9", "Title": "pypdf: pypdf: Denial of Service via crafted PDF in non-strict mode", "Description": "pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider applying the changes from the patch manually.", "Severity": "MEDIUM", "CweIDs": [ "CWE-835" ], "VendorSeverity": { "ghsa": 2, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U", "V40Score": 4.6 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33699", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/pull/3693", "https://github.com/py-pdf/pypdf/releases/tag/6.9.2", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-87mj-5ggw-8qc3", "https://nvd.nist.gov/vuln/detail/CVE-2026-33699", "https://www.cve.org/CVERecord?id=CVE-2026-33699" ], "PublishedDate": "2026-03-27T01:16:19.147Z", "LastModifiedDate": "2026-04-01T16:01:35.88Z" }, { "VulnerabilityID": "CVE-2026-25645", "VendorIDs": [ "GHSA-gc5v-m9x4-r6x2" ], "PkgID": "requests@2.32.5", "PkgName": "requests", "PkgPath": "usr/lib/python3.13/site-packages/requests-2.32.5.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/requests@2.32.5", "UID": "4e43ed6f8bbb8cd0", "BOMRef": "pkg:pypi/requests@2.32.5" }, "InstalledVersion": "2.32.5", "FixedVersion": "2.33.0", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25645", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:2b3005b07dc5a6b7e5412ddcf35545abddc5483e79b217a7af964879fbbeb4d4", "Title": "requests: Requests: Security bypass due to predictable temporary file creation", "Description": "Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker with write access to the temp directory could pre-create a malicious file that would be loaded in place of the legitimate one. Standard usage of the Requests library is not affected by this vulnerability. Only applications that call `extract_zipped_paths()` directly are impacted. Starting in version 2.33.0, the library extracts files to a non-deterministic location. If developers are unable to upgrade, they can set `TMPDIR` in their environment to a directory with restricted write access.", "Severity": "MEDIUM", "CweIDs": [ "CWE-377" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.4 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25645", "https://github.com/psf/requests", "https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7", "https://github.com/psf/requests/releases/tag/v2.33.0", "https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2", "https://nvd.nist.gov/vuln/detail/CVE-2026-25645", "https://www.cve.org/CVERecord?id=CVE-2026-25645" ], "PublishedDate": "2026-03-25T17:16:52.97Z", "LastModifiedDate": "2026-03-30T14:23:16.127Z" }, { "VulnerabilityID": "CVE-2026-31958", "VendorIDs": [ "GHSA-qjxf-f2mg-c6mc" ], "PkgID": "tornado@6.5.4", "PkgName": "tornado", "PkgPath": "usr/lib/python3.13/site-packages/tornado-6.5.4.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/tornado@6.5.4", "UID": "3dca0122fe823110", "BOMRef": "pkg:pypi/tornado@6.5.4" }, "InstalledVersion": "6.5.4", "FixedVersion": "6.5.5", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31958", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:10b5831ac0a0f1c5feae09fe9ece4ce967a81416be39c47bd967452119025f77", "Title": "tornado-python: Tornado: Denial of Service via large multipart bodies", "Description": "Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the max_body_size setting (default 100MB). Since parsing occurs synchronously on the main thread, this creates the possibility of denial-of-service due to the cost of parsing very large multipart bodies with many parts. This vulnerability is fixed in 6.5.5.", "Severity": "HIGH", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31958", "https://github.com/tornadoweb/tornado", "https://github.com/tornadoweb/tornado/commit/119a195e290c43ad2d63a2cf012c29d43d6ed839", "https://github.com/tornadoweb/tornado/releases/tag/v6.5.5", "https://github.com/tornadoweb/tornado/security/advisories/GHSA-qjxf-f2mg-c6mc", "https://lists.debian.org/debian-lts-announce/2026/04/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-31958", "https://www.cve.org/CVERecord?id=CVE-2026-31958" ], "PublishedDate": "2026-03-11T20:16:16.617Z", "LastModifiedDate": "2026-04-01T15:23:00.217Z" }, { "VulnerabilityID": "GHSA-78cv-mqj4-43f7", "PkgID": "tornado@6.5.4", "PkgName": "tornado", "PkgPath": "usr/lib/python3.13/site-packages/tornado-6.5.4.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/tornado@6.5.4", "UID": "3dca0122fe823110", "BOMRef": "pkg:pypi/tornado@6.5.4" }, "InstalledVersion": "6.5.4", "FixedVersion": "6.5.5", "Status": "fixed", "Layer": { "Digest": "sha256:448b16a52a3deb8905bc0b8c713e38e5ac37e61f371e12b1d98f2671acb483f0", "DiffID": "sha256:223e550d9048679ca86fa0fa72b0e8ed327ee7a639439cd12ce1e9f3557d0acf" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-78cv-mqj4-43f7", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:f1ac92fd089dcd90594868f05741f3d0f04d06b7805421f130ef6c9c03c5ab43", "Title": "Tornado has incomplete validation of cookie attributes", "Description": "Values passed to the `domain`, `path`, and `samesite` arguments of `RequestHandler.set_cookie` were not completely validated in versions of Tornado prior to 6.5.5. In particular, semicolons would be allowed, which could be used to inject attacker-controlled values for other cookie attributes.", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "V3Score": 5.4 } }, "References": [ "https://github.com/tornadoweb/tornado", "https://github.com/tornadoweb/tornado/commit/24a2d96ea115f663b223887deb0060f13974c104", "https://github.com/tornadoweb/tornado/releases/tag/v6.5.5", "https://github.com/tornadoweb/tornado/security/advisories/GHSA-78cv-mqj4-43f7" ], "PublishedDate": "2026-03-11T22:17:00Z", "LastModifiedDate": "2026-03-11T22:17:00Z" } ] } ] }