{ "SchemaVersion": 2, "Trivy": { "Version": "0.69.3" }, "ReportID": "019d57b3-4895-7bc1-bff8-b38d87dde262", "CreatedAt": "2026-04-04T08:54:20.565771528Z", "ArtifactName": "sboms/ai-containers-litellm-v1.81.15-cyclonedx.json", "ArtifactType": "cyclonedx", "Metadata": { "OS": { "Family": "wolfi", "Name": "20230201" }, "ImageID": "sha256:d2df9501c8d58c1055282946aec436885b8fac582b62511f106ae973ba510fdb", "DiffIDs": [ "sha256:065123985f116c8cb4b15d734329d7e039f0fcc535c2e72e3d1eeb27b10cafcd", "sha256:09415f6704429bf538351a5149a730bf1f254708ab21586991db5bb27b8907bd", "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe", "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa", "sha256:1f7b804e2e3b2ce78f108ce6ea8e3c5c42309860a59a5342e101ba77669d8a92", "sha256:226e8c81da0ec58d02ae0fbbc80e85abfeda66d856e9b47aaf191a53de704d6f", "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0", "sha256:49c40e11224bf3f8b3768d4680a9a3e8cf8b41452345b944b2712a0d8c439d76", "sha256:51bcbb91b4d949bc10c2d0fb1657c439d6de32fe886c68b0ef410c479e86c0a3", "sha256:5b153ab18b3f50e849a61a4c513d68babccc0740a71b80b74b9a7bd3928516f3", "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", "sha256:6562679d109c939489d457fcbd6d961c9d5f592f316cefcb2e62fa595199797a", "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1", "sha256:70991d5976e247cb33ca1923edd3f609e6c23f527dbe62b838d6a03c0bca6453", "sha256:7f721e79f42a0899ace8c2df18913c19d9f827d9b6a2271eaa1f15af5cb164ef", "sha256:87f972c78e205fa9c02f92e6f333aa19417f61a3040f235aef3ee451f41ad0d8", "sha256:8e1e20fa39a3b406637c68b5bcff0770fd1deb6f81da5fd2c126bfddd90c76f8", "sha256:98481b16b5b7db2fe5071acddc9cb81c29411335c97e9ddeb35c7c800d9fb568", "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1", "sha256:b53651b43c41e7139e1e3847f85c555832597257d63e7582d61927e69e137b96", "sha256:b6b512b9108959a393f94a860379497c2fb37e0ed270f661cc418c748808fc39", "sha256:b8195249dcd92d2c0519946f0a9f9d9ec7b88e9a19b5f83bc156103a39d5ab50", "sha256:c34e8c9ad81945bba4e54fc3d6fe36678eb524f6d4e14801055234d888c51d76", "sha256:c38e600be9e3b4d789f0b1f8c9a67b1ff2094481e475a06cea386c5962b57f54", "sha256:d07d33b63123d6b19f386ca4d1696d14a002e9750f4060278a6da985fd5d80a0", "sha256:d48cfd6939a37114f8d5548f1078b4e04e9fb182c1fbbb433bc0cfe11667e8b5", "sha256:db82f5deff7f34c5f76061c7678aad176d0bda60ca1c4b4d1388ab1574d61939" ], "RepoDigests": [ "registry.suse.com/ai/containers/litellm@sha256:d104dae60f1a0c8fc93f837ec30ec4e6430ee70b0d3636874c26bc9920ae34a7" ], "Reference": "registry.suse.com/ai/containers/litellm@sha256:d104dae60f1a0c8fc93f837ec30ec4e6430ee70b0d3636874c26bc9920ae34a7" }, "Results": [ { "Target": "sboms/ai-containers-litellm-v1.81.15-cyclonedx.json (wolfi 20230201)", "Class": "os-pkgs", "Type": "wolfi", "Packages": [ { "ID": "alsa-lib@1.2.15.3-r1", "Name": "alsa-lib", "Identifier": { "PURL": "pkg:apk/wolfi/alsa-lib@1.2.15.3-r1?arch=x86_64\u0026distro=20230201", "UID": "13468b81c5233dc4", "BOMRef": "pkg:apk/wolfi/alsa-lib@1.2.15.3-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.15.3-r1", "Arch": "x86_64", "SrcName": "alsa-lib", "SrcVersion": "1.2.15.3-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:f102fe2f70af2ef8759d1f41d418cc93b507a5c4" }, { "ID": "apk-tools@2.14.10-r10", "Name": "apk-tools", "Identifier": { "PURL": "pkg:apk/wolfi/apk-tools@2.14.10-r10?arch=x86_64\u0026distro=20230201", "UID": "3e452ee0d653c6ca", "BOMRef": "pkg:apk/wolfi/apk-tools@2.14.10-r10?arch=x86_64\u0026distro=20230201" }, "Version": "2.14.10-r10", "Arch": "x86_64", "SrcName": "apk-tools", "SrcVersion": "2.14.10-r10", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "ca-certificates-bundle@20251003-r3", "glibc@2.43-r1", "ld-linux@2.43-r1", "libcrypto3@3.6.1-r1", "libssl3@3.6.1-r1", "wolfi-baselayout@20230201-r27", "zlib@1.3.2-r0" ], "Layer": { "Digest": "sha256:1d53393b78f00c417dbc484afee224f386ba037746127e62a4bc86b6ad11daa1", "DiffID": "sha256:6562679d109c939489d457fcbd6d961c9d5f592f316cefcb2e62fa595199797a" }, "Digest": "sha1:360094f42540d8f16177f251916e29619be762fe" }, { "ID": "bash@5.3-r5", "Name": "bash", "Identifier": { "PURL": "pkg:apk/wolfi/bash@5.3-r5?arch=x86_64\u0026distro=20230201", "UID": "1f2037c4c34801bc", "BOMRef": "pkg:apk/wolfi/bash@5.3-r5?arch=x86_64\u0026distro=20230201" }, "Version": "5.3-r5", "Arch": "x86_64", "SrcName": "bash", "SrcVersion": "5.3-r5", "Licenses": [ "GPL-3.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "ncurses@6.6_p20251230-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:9dd00dcd7654147d2998f5b11213adb52cae5ad2" }, { "ID": "busybox@1.37.0-r54", "Name": "busybox", "Identifier": { "PURL": "pkg:apk/wolfi/busybox@1.37.0-r54?arch=x86_64\u0026distro=20230201", "UID": "aca654f8a0ba155a", "BOMRef": "pkg:apk/wolfi/busybox@1.37.0-r54?arch=x86_64\u0026distro=20230201" }, "Version": "1.37.0-r54", "Arch": "x86_64", "SrcName": "busybox", "SrcVersion": "1.37.0-r54", "Licenses": [ "GPL-2.0-only" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "libcrypt1@2.43-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:3f02fc482423f53d1d5bfdf6094776ebe0b7eba4617489f96d32e6c61ac92d92", "DiffID": "sha256:1f7b804e2e3b2ce78f108ce6ea8e3c5c42309860a59a5342e101ba77669d8a92" }, "Digest": "sha1:dfbfdd4815b2ce870ce5a428f10f6ad21a1f549a" }, { "ID": "c-ares@1.34.6-r0", "Name": "c-ares", "Identifier": { "PURL": "pkg:apk/wolfi/c-ares@1.34.6-r0?arch=x86_64\u0026distro=20230201", "UID": "d5cf9575e5df531c", "BOMRef": "pkg:apk/wolfi/c-ares@1.34.6-r0?arch=x86_64\u0026distro=20230201" }, "Version": "1.34.6-r0", "Arch": "x86_64", "SrcName": "c-ares", "SrcVersion": "1.34.6-r0", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:72c82e5c25bfd691982cf508bfda988bad5ced12" }, { "ID": "ca-certificates-bundle@20251003-r3", "Name": "ca-certificates-bundle", "Identifier": { "PURL": "pkg:apk/wolfi/ca-certificates-bundle@20251003-r3?arch=x86_64\u0026distro=20230201", "UID": "b7a1329569e2e4c5", "BOMRef": "pkg:apk/wolfi/ca-certificates-bundle@20251003-r3?arch=x86_64\u0026distro=20230201" }, "Version": "20251003-r3", "Arch": "x86_64", "SrcName": "ca-certificates", "SrcVersion": "20251003-r3", "Licenses": [ "MPL-2.0", "MIT" ], "DependsOn": [ "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:2a4da0691147ee88d0960b8ac8bda5481f91b115a20a0dcb9f30481401d91d36", "DiffID": "sha256:98481b16b5b7db2fe5071acddc9cb81c29411335c97e9ddeb35c7c800d9fb568" }, "Digest": "sha1:b8fb05eba8b52c5b8e3ae448c96ec4218e2bc447" }, { "ID": "gdbm@1.26-r2", "Name": "gdbm", "Identifier": { "PURL": "pkg:apk/wolfi/gdbm@1.26-r2?arch=x86_64\u0026distro=20230201", "UID": "4c3c1076ad985dd4", "BOMRef": "pkg:apk/wolfi/gdbm@1.26-r2?arch=x86_64\u0026distro=20230201" }, "Version": "1.26-r2", "Arch": "x86_64", "SrcName": "gdbm", "SrcVersion": "1.26-r2", "Licenses": [ "GPL-3.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:375d22e56a0c032b92b8f3bd9eb4112e7864fb25" }, { "ID": "glibc@2.43-r1", "Name": "glibc", "Identifier": { "PURL": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "19fc32b613e931a6", "BOMRef": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.43-r1", "Arch": "x86_64", "SrcName": "glibc", "SrcVersion": "2.43-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "glibc-locale-posix@2.43-r1", "ld-linux@2.43-r1", "libgcc@15.2.0-r9", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "Digest": "sha1:45d78518d648056160ca67d9ced0d9ae735718c3" }, { "ID": "glibc-locale-posix@2.43-r1", "Name": "glibc-locale-posix", "Identifier": { "PURL": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "5e241543b8fe7d0", "BOMRef": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.43-r1", "Arch": "x86_64", "SrcName": "glibc", "SrcVersion": "2.43-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "Digest": "sha1:71c70566fef73a5f03323418c29988aa79322016" }, { "ID": "icu78-data-full@78.2-r0", "Name": "icu78-data-full", "Identifier": { "PURL": "pkg:apk/wolfi/icu78-data-full@78.2-r0?arch=x86_64\u0026distro=20230201", "UID": "e970261dac07e913", "BOMRef": "pkg:apk/wolfi/icu78-data-full@78.2-r0?arch=x86_64\u0026distro=20230201" }, "Version": "78.2-r0", "Arch": "x86_64", "SrcName": "icu", "SrcVersion": "78.2-r0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:e615eeade973d33e6d30bca1bcb08383dec2c505" }, { "ID": "ld-linux@2.43-r1", "Name": "ld-linux", "Identifier": { "PURL": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "e85685852da579df", "BOMRef": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.43-r1", "Arch": "x86_64", "SrcName": "glibc", "SrcVersion": "2.43-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "glibc@2.43-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "Digest": "sha1:36773aca32fddc2957a0b46c436841e49509dd29" }, { "ID": "libbrotlicommon1@1.2.0-r1", "Name": "libbrotlicommon1", "Identifier": { "PURL": "pkg:apk/wolfi/libbrotlicommon1@1.2.0-r1?arch=x86_64\u0026distro=20230201", "UID": "7783d36863177d01", "BOMRef": "pkg:apk/wolfi/libbrotlicommon1@1.2.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.0-r1", "Arch": "x86_64", "SrcName": "brotli", "SrcVersion": "1.2.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:f16ef9c593de91cc6945073b4636aeeda0c80a0e" }, { "ID": "libbrotlidec1@1.2.0-r1", "Name": "libbrotlidec1", "Identifier": { "PURL": "pkg:apk/wolfi/libbrotlidec1@1.2.0-r1?arch=x86_64\u0026distro=20230201", "UID": "f2a0588f28c79066", "BOMRef": "pkg:apk/wolfi/libbrotlidec1@1.2.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.0-r1", "Arch": "x86_64", "SrcName": "brotli", "SrcVersion": "1.2.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1", "libbrotlicommon1@1.2.0-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:b98182b5ebf03788a5dfd808af6e2d3eeb4ff13c" }, { "ID": "libbrotlienc1@1.2.0-r1", "Name": "libbrotlienc1", "Identifier": { "PURL": "pkg:apk/wolfi/libbrotlienc1@1.2.0-r1?arch=x86_64\u0026distro=20230201", "UID": "8d2962b802ecda99", "BOMRef": "pkg:apk/wolfi/libbrotlienc1@1.2.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.0-r1", "Arch": "x86_64", "SrcName": "brotli", "SrcVersion": "1.2.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1", "libbrotlicommon1@1.2.0-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:da1a062cc901589428b8d8fc3daa83a23f8cb929" }, { "ID": "libbz2-1@1.0.8-r22", "Name": "libbz2-1", "Identifier": { "PURL": "pkg:apk/wolfi/libbz2-1@1.0.8-r22?arch=x86_64\u0026distro=20230201", "UID": "4f3f4462cb765dd1", "BOMRef": "pkg:apk/wolfi/libbz2-1@1.0.8-r22?arch=x86_64\u0026distro=20230201" }, "Version": "1.0.8-r22", "Arch": "x86_64", "SrcName": "bzip2", "SrcVersion": "1.0.8-r22", "Licenses": [ "MPL-2.0", "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:7881510d91ca841ea9441e08e4a352199b87ff65" }, { "ID": "libcrypt1@2.43-r1", "Name": "libcrypt1", "Identifier": { "PURL": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "bf9f632e216bab3", "BOMRef": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.43-r1", "Arch": "x86_64", "SrcName": "glibc", "SrcVersion": "2.43-r1", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "glibc@2.43-r1", "libxcrypt@4.5.2-r2", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "Digest": "sha1:c67ac42c65c2936d748c7fbb6161b64c650f3f3f" }, { "ID": "libcrypto3@3.6.1-r1", "Name": "libcrypto3", "Identifier": { "PURL": "pkg:apk/wolfi/libcrypto3@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "85aab75953abd74", "BOMRef": "pkg:apk/wolfi/libcrypto3@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.6.1-r1", "Arch": "x86_64", "SrcName": "openssl", "SrcVersion": "3.6.1-r1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:02fc55a9c757fa6bcfe11d95fb21dbe82723d434ab5cb91cfedf674fb3eb8267", "DiffID": "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0" }, "Digest": "sha1:d8bbdb6c6fc823c4567afe7518475cdeb6cfd67a" }, { "ID": "libexpat1@2.7.4-r1", "Name": "libexpat1", "Identifier": { "PURL": "pkg:apk/wolfi/libexpat1@2.7.4-r1?arch=x86_64\u0026distro=20230201", "UID": "82ef083d60624b3", "BOMRef": "pkg:apk/wolfi/libexpat1@2.7.4-r1?arch=x86_64\u0026distro=20230201" }, "Version": "2.7.4-r1", "Arch": "x86_64", "SrcName": "expat", "SrcVersion": "2.7.4-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:c5b2bb591573c0337e81a12513a9e010ee5f8495" }, { "ID": "libffi@3.5.2-r1", "Name": "libffi", "Identifier": { "PURL": "pkg:apk/wolfi/libffi@3.5.2-r1?arch=x86_64\u0026distro=20230201", "UID": "efc4cef8b97b05b", "BOMRef": "pkg:apk/wolfi/libffi@3.5.2-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.5.2-r1", "Arch": "x86_64", "SrcName": "libffi", "SrcVersion": "3.5.2-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:ce40e7d1f8951ac77983c4e263e2d7b04b194c17" }, { "ID": "libflac@1.4.3-r5", "Name": "libflac", "Identifier": { "PURL": "pkg:apk/wolfi/libflac@1.4.3-r5?arch=x86_64\u0026distro=20230201", "UID": "39f606c30ae05a7d", "BOMRef": "pkg:apk/wolfi/libflac@1.4.3-r5?arch=x86_64\u0026distro=20230201" }, "Version": "1.4.3-r5", "Arch": "x86_64", "SrcName": "flac", "SrcVersion": "1.4.3-r5", "Licenses": [ "BSD-3-Clause", "GPL-2.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "libogg@1.3.6-r3" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:9f85a0f6948efb6edb5a9108403306d5c5eefe79" }, { "ID": "libgcc@15.2.0-r9", "Name": "libgcc", "Identifier": { "PURL": "pkg:apk/wolfi/libgcc@15.2.0-r9?arch=x86_64\u0026distro=20230201", "UID": "3a7d891b2f8b4450", "BOMRef": "pkg:apk/wolfi/libgcc@15.2.0-r9?arch=x86_64\u0026distro=20230201" }, "Version": "15.2.0-r9", "Arch": "x86_64", "SrcName": "gcc", "SrcVersion": "15.2.0-r9", "Licenses": [ "GPL-3.0-or-later WITH GCC-exception-3.1" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1" ], "Layer": { "Digest": "sha256:a45907cabfcb964d4109679f34e2aa5b1fda1d0069e136002f2594df87afa35e", "DiffID": "sha256:b6b512b9108959a393f94a860379497c2fb37e0ed270f661cc418c748808fc39" }, "Digest": "sha1:a384338305a4de5ba0f1cc4a472de2eefdeda7a5" }, { "ID": "libicu78@78.2-r0", "Name": "libicu78", "Identifier": { "PURL": "pkg:apk/wolfi/libicu78@78.2-r0?arch=x86_64\u0026distro=20230201", "UID": "249690462e07a40b", "BOMRef": "pkg:apk/wolfi/libicu78@78.2-r0?arch=x86_64\u0026distro=20230201" }, "Version": "78.2-r0", "Arch": "x86_64", "SrcName": "icu", "SrcVersion": "78.2-r0", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1", "icu78-data-full@78.2-r0", "ld-linux@2.43-r1", "libgcc@15.2.0-r9", "libstdc++@15.2.0-r9" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:7afb4e60da61c174faf3cde4b2919c67653c8630" }, { "ID": "libnghttp2-14@1.68.0-r1", "Name": "libnghttp2-14", "Identifier": { "PURL": "pkg:apk/wolfi/libnghttp2-14@1.68.0-r1?arch=x86_64\u0026distro=20230201", "UID": "1b4bcb9d46ae1e06", "BOMRef": "pkg:apk/wolfi/libnghttp2-14@1.68.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.68.0-r1", "Arch": "x86_64", "SrcName": "nghttp2", "SrcVersion": "1.68.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:51db5560582e98f33ac7d85cce1255191c92a3f3" }, { "ID": "libogg@1.3.6-r3", "Name": "libogg", "Identifier": { "PURL": "pkg:apk/wolfi/libogg@1.3.6-r3?arch=x86_64\u0026distro=20230201", "UID": "bd00feb2cf9b5702", "BOMRef": "pkg:apk/wolfi/libogg@1.3.6-r3?arch=x86_64\u0026distro=20230201" }, "Version": "1.3.6-r3", "Arch": "x86_64", "SrcName": "libogg", "SrcVersion": "1.3.6-r3", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:24e5b3b62b7c88003c8c977b62eb3db15f107af3" }, { "ID": "libsndfile@1.2.2-r2", "Name": "libsndfile", "Identifier": { "PURL": "pkg:apk/wolfi/libsndfile@1.2.2-r2?arch=x86_64\u0026distro=20230201", "UID": "cfb51d31f84de903", "BOMRef": "pkg:apk/wolfi/libsndfile@1.2.2-r2?arch=x86_64\u0026distro=20230201" }, "Version": "1.2.2-r2", "Arch": "x86_64", "SrcName": "libsndfile", "SrcVersion": "1.2.2-r2", "Licenses": [ "LGPL-2.1-or-later" ], "DependsOn": [ "alsa-lib@1.2.15.3-r1", "glibc@2.43-r1", "ld-linux@2.43-r1", "libflac@1.4.3-r5", "libogg@1.3.6-r3", "libvorbis@1.3.7-r7", "opus@1.6.1-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:222cf6c756b25d6aaf54884c124f7291afbb16ad" }, { "ID": "libssl3@3.6.1-r1", "Name": "libssl3", "Identifier": { "PURL": "pkg:apk/wolfi/libssl3@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "2737a9b43318bb67", "BOMRef": "pkg:apk/wolfi/libssl3@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.6.1-r1", "Arch": "x86_64", "SrcName": "openssl", "SrcVersion": "3.6.1-r1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "glibc@2.43-r1", "libcrypto3@3.6.1-r1" ], "Layer": { "Digest": "sha256:02fc55a9c757fa6bcfe11d95fb21dbe82723d434ab5cb91cfedf674fb3eb8267", "DiffID": "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0" }, "Digest": "sha1:ac161813a56c650f73fa5596266b79810629c5f9" }, { "ID": "libstdc++@15.2.0-r9", "Name": "libstdc++", "Identifier": { "PURL": "pkg:apk/wolfi/libstdc%2B%2B@15.2.0-r9?arch=x86_64\u0026distro=20230201", "UID": "6246fac939d68608", "BOMRef": "pkg:apk/wolfi/libstdc%2B%2B@15.2.0-r9?arch=x86_64\u0026distro=20230201" }, "Version": "15.2.0-r9", "Arch": "x86_64", "SrcName": "gcc", "SrcVersion": "15.2.0-r9", "Licenses": [ "GPL-3.0-or-later WITH GCC-exception-3.1" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "libgcc@15.2.0-r9" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:586a6a321fe58c61d7b52123565676db37acd673" }, { "ID": "libuuid@2.41.3-r3", "Name": "libuuid", "Identifier": { "PURL": "pkg:apk/wolfi/libuuid@2.41.3-r3?arch=x86_64\u0026distro=20230201", "UID": "9be37769045801e7", "BOMRef": "pkg:apk/wolfi/libuuid@2.41.3-r3?arch=x86_64\u0026distro=20230201" }, "Version": "2.41.3-r3", "Arch": "x86_64", "SrcName": "util-linux", "SrcVersion": "2.41.3-r3", "Licenses": [ "GPL-3.0-or-later", "GPL-2.0-or-later", "GPL-2.0-only", "GPL-1.0-only", "LGPL-2.1-or-later", "BSD-1-Clause", "BSD-3-Clause", "BSD-4-Clause-UC", "MIT", "CC-PDDC" ], "DependsOn": [ "glibc@2.43-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:578db12606c45c43abe623521fe7c1d8692eeb3a" }, { "ID": "libuv@1.52.0-r0", "Name": "libuv", "Identifier": { "PURL": "pkg:apk/wolfi/libuv@1.52.0-r0?arch=x86_64\u0026distro=20230201", "UID": "9ecc19bd95718e96", "BOMRef": "pkg:apk/wolfi/libuv@1.52.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "1.52.0-r0", "Arch": "x86_64", "SrcName": "libuv", "SrcVersion": "1.52.0-r0", "Licenses": [ "MIT", "ISC" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:c6b05df19485549b3c0a54e97b7a079dc92ee909" }, { "ID": "libvorbis@1.3.7-r7", "Name": "libvorbis", "Identifier": { "PURL": "pkg:apk/wolfi/libvorbis@1.3.7-r7?arch=x86_64\u0026distro=20230201", "UID": "3927d0dee875b07b", "BOMRef": "pkg:apk/wolfi/libvorbis@1.3.7-r7?arch=x86_64\u0026distro=20230201" }, "Version": "1.3.7-r7", "Arch": "x86_64", "SrcName": "libvorbis", "SrcVersion": "1.3.7-r7", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "glibc@2.43-r1", "libogg@1.3.6-r3" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:767b9dd3dce1347ade0946cc58e1accdef131dd9" }, { "ID": "libxcrypt@4.5.2-r2", "Name": "libxcrypt", "Identifier": { "PURL": "pkg:apk/wolfi/libxcrypt@4.5.2-r2?arch=x86_64\u0026distro=20230201", "UID": "fc1ad85f26b1fd3b", "BOMRef": "pkg:apk/wolfi/libxcrypt@4.5.2-r2?arch=x86_64\u0026distro=20230201" }, "Version": "4.5.2-r2", "Arch": "x86_64", "SrcName": "libxcrypt", "SrcVersion": "4.5.2-r2", "Licenses": [ "GPL-2.0-or-later", "LGPL-2.1-or-later" ], "Layer": { "Digest": "sha256:7c6e71c1fdfdf429844e25aad86441920641c0ba46466bc1d043556bfb81b24e", "DiffID": "sha256:70991d5976e247cb33ca1923edd3f609e6c23f527dbe62b838d6a03c0bca6453" }, "Digest": "sha1:1dde219a6ba81f29f519398066c7924a90e34598" }, { "ID": "mpdecimal@4.0.1-r3", "Name": "mpdecimal", "Identifier": { "PURL": "pkg:apk/wolfi/mpdecimal@4.0.1-r3?arch=x86_64\u0026distro=20230201", "UID": "d54fd2a289db2040", "BOMRef": "pkg:apk/wolfi/mpdecimal@4.0.1-r3?arch=x86_64\u0026distro=20230201" }, "Version": "4.0.1-r3", "Arch": "x86_64", "SrcName": "mpdecimal", "SrcVersion": "4.0.1-r3", "Licenses": [ "BSD-2-Clause" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "libgcc@15.2.0-r9", "libstdc++@15.2.0-r9" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:12885674e7ba1c71ee370a6876aedfd8c4f02ce4" }, { "ID": "ncurses@6.6_p20251230-r1", "Name": "ncurses", "Identifier": { "PURL": "pkg:apk/wolfi/ncurses@6.6_p20251230-r1?arch=x86_64\u0026distro=20230201", "UID": "584bcf4873a8d48a", "BOMRef": "pkg:apk/wolfi/ncurses@6.6_p20251230-r1?arch=x86_64\u0026distro=20230201" }, "Version": "6.6_p20251230-r1", "Arch": "x86_64", "SrcName": "ncurses", "SrcVersion": "6.6_p20251230-r1", "Licenses": [ "MIT" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "ncurses-terminfo-base@6.6_p20251230-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:d4f7df25bc5592a35e8b474da4abe726d6453883" }, { "ID": "ncurses-terminfo-base@6.6_p20251230-r1", "Name": "ncurses-terminfo-base", "Identifier": { "PURL": "pkg:apk/wolfi/ncurses-terminfo-base@6.6_p20251230-r1?arch=x86_64\u0026distro=20230201", "UID": "e43b79e9b44822c0", "BOMRef": "pkg:apk/wolfi/ncurses-terminfo-base@6.6_p20251230-r1?arch=x86_64\u0026distro=20230201" }, "Version": "6.6_p20251230-r1", "Arch": "x86_64", "SrcName": "ncurses", "SrcVersion": "6.6_p20251230-r1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:4dd42bfac7a276233bc5b8d479ab024134b7622c" }, { "ID": "nodejs-25@25.7.0-r0", "Name": "nodejs-25", "Identifier": { "PURL": "pkg:apk/wolfi/nodejs-25@25.7.0-r0?arch=x86_64\u0026distro=20230201", "UID": "9249a9f886033e9e", "BOMRef": "pkg:apk/wolfi/nodejs-25@25.7.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "25.7.0-r0", "Arch": "x86_64", "SrcName": "nodejs-25", "SrcVersion": "25.7.0-r0", "Licenses": [ "MIT" ], "DependsOn": [ "c-ares@1.34.6-r0", "glibc@2.43-r1", "ld-linux@2.43-r1", "libbrotlidec1@1.2.0-r1", "libbrotlienc1@1.2.0-r1", "libcrypto3@3.6.1-r1", "libgcc@15.2.0-r9", "libicu78@78.2-r0", "libnghttp2-14@1.68.0-r1", "libssl3@3.6.1-r1", "libstdc++@15.2.0-r9", "libuv@1.52.0-r0", "zlib@1.3.2-r0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:33bf91c3d75cbbe569d1809a9660def861bf5db9" }, { "ID": "npm@11.11.0-r0", "Name": "npm", "Identifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "11.11.0-r0", "Arch": "x86_64", "SrcName": "npm", "SrcVersion": "11.11.0-r0", "Licenses": [ "Artistic-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:5fffad2ab6a7d31cd06d3c3b35c36da012dde2c7" }, { "ID": "openssl@3.6.1-r1", "Name": "openssl", "Identifier": { "PURL": "pkg:apk/wolfi/openssl@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "7ca336c25485b50d", "BOMRef": "pkg:apk/wolfi/openssl@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.6.1-r1", "Arch": "x86_64", "SrcName": "openssl", "SrcVersion": "3.6.1-r1", "Licenses": [ "Apache-2.0" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1", "libcrypto3@3.6.1-r1", "libssl3@3.6.1-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:f8d343216b1b16abe5c51e7f168b2d2209e1bfdb" }, { "ID": "opus@1.6.1-r1", "Name": "opus", "Identifier": { "PURL": "pkg:apk/wolfi/opus@1.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "a770c9a0580afa31", "BOMRef": "pkg:apk/wolfi/opus@1.6.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "1.6.1-r1", "Arch": "x86_64", "SrcName": "opus", "SrcVersion": "1.6.1-r1", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:2015751abf16343d398868abaaeff27211fce661" }, { "ID": "py3-pip-wheel@26.0.1-r1", "Name": "py3-pip-wheel", "Identifier": { "PURL": "pkg:apk/wolfi/py3-pip-wheel@26.0.1-r1?arch=x86_64\u0026distro=20230201", "UID": "6f323559cd8bfd93", "BOMRef": "pkg:apk/wolfi/py3-pip-wheel@26.0.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "26.0.1-r1", "Arch": "x86_64", "SrcName": "py3-pip", "SrcVersion": "26.0.1-r1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:fbfdeab3dd1ad8b3e5d16df7716d10870f3c8ec9" }, { "ID": "py3.13-pip@26.0.1-r1", "Name": "py3.13-pip", "Identifier": { "PURL": "pkg:apk/wolfi/py3.13-pip@26.0.1-r1?arch=x86_64\u0026distro=20230201", "UID": "41f2797c18510126", "BOMRef": "pkg:apk/wolfi/py3.13-pip@26.0.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "26.0.1-r1", "Arch": "x86_64", "SrcName": "py3-pip", "SrcVersion": "26.0.1-r1", "Licenses": [ "MIT" ], "DependsOn": [ "py3.13-pip-base@26.0.1-r1", "python-3.13-base@3.13.12-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:61443d427de3418ccb77b5972b1b807617221297" }, { "ID": "py3.13-pip-base@26.0.1-r1", "Name": "py3.13-pip-base", "Identifier": { "PURL": "pkg:apk/wolfi/py3.13-pip-base@26.0.1-r1?arch=x86_64\u0026distro=20230201", "UID": "275f9d868f92b088", "BOMRef": "pkg:apk/wolfi/py3.13-pip-base@26.0.1-r1?arch=x86_64\u0026distro=20230201" }, "Version": "26.0.1-r1", "Arch": "x86_64", "SrcName": "py3-pip", "SrcVersion": "26.0.1-r1", "Licenses": [ "MIT" ], "DependsOn": [ "py3.13-setuptools@82.0.0-r1", "python-3.13-base@3.13.12-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:7c987010127797c7cb69fd7d9ffd5864682e6c6f" }, { "ID": "py3.13-setuptools@82.0.0-r1", "Name": "py3.13-setuptools", "Identifier": { "PURL": "pkg:apk/wolfi/py3.13-setuptools@82.0.0-r1?arch=x86_64\u0026distro=20230201", "UID": "af442efd1eaf99cc", "BOMRef": "pkg:apk/wolfi/py3.13-setuptools@82.0.0-r1?arch=x86_64\u0026distro=20230201" }, "Version": "82.0.0-r1", "Arch": "x86_64", "SrcName": "py3-setuptools", "SrcVersion": "82.0.0-r1", "Licenses": [ "MIT" ], "DependsOn": [ "python-3.13-base@3.13.12-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:fa47969b9522e3440e44ac0eb642d810041bf4b2" }, { "ID": "python-3.13@3.13.12-r1", "Name": "python-3.13", "Identifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.13.12-r1", "Arch": "x86_64", "SrcName": "python-3.13", "SrcVersion": "3.13.12-r1", "Licenses": [ "PSF-2.0" ], "DependsOn": [ "python-3.13-base@3.13.12-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:0241e1ce72e390d29f7d306898141c96e0c749cd" }, { "ID": "python-3.13-base@3.13.12-r1", "Name": "python-3.13-base", "Identifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "Version": "3.13.12-r1", "Arch": "x86_64", "SrcName": "python-3.13", "SrcVersion": "3.13.12-r1", "Licenses": [ "PSF-2.0" ], "DependsOn": [ "gdbm@1.26-r2", "glibc@2.43-r1", "ld-linux@2.43-r1", "libbz2-1@1.0.8-r22", "libcrypto3@3.6.1-r1", "libexpat1@2.7.4-r1", "libffi@3.5.2-r1", "libssl3@3.6.1-r1", "libuuid@2.41.3-r3", "mpdecimal@4.0.1-r3", "ncurses@6.6_p20251230-r1", "py3-pip-wheel@26.0.1-r1", "readline@8.3-r1", "sqlite-libs@3.51.1-r0", "xz@5.8.2-r1", "zlib@1.3.2-r0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:d8c899deefcc9a65040c6ba138ed428c7f2f18fe" }, { "ID": "readline@8.3-r1", "Name": "readline", "Identifier": { "PURL": "pkg:apk/wolfi/readline@8.3-r1?arch=x86_64\u0026distro=20230201", "UID": "7440e9c66a02169f", "BOMRef": "pkg:apk/wolfi/readline@8.3-r1?arch=x86_64\u0026distro=20230201" }, "Version": "8.3-r1", "Arch": "x86_64", "SrcName": "readline", "SrcVersion": "8.3-r1", "Licenses": [ "GPL-3.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ncurses@6.6_p20251230-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:bcbe178d5b1edd94ce7b1cb8465e1cda8964a3db" }, { "ID": "sqlite-libs@3.51.1-r0", "Name": "sqlite-libs", "Identifier": { "PURL": "pkg:apk/wolfi/sqlite-libs@3.51.1-r0?arch=x86_64\u0026distro=20230201", "UID": "908f5e322e883ae7", "BOMRef": "pkg:apk/wolfi/sqlite-libs@3.51.1-r0?arch=x86_64\u0026distro=20230201" }, "Version": "3.51.1-r0", "Arch": "x86_64", "SrcName": "sqlite", "SrcVersion": "3.51.1-r0", "Licenses": [ "blessing" ], "DependsOn": [ "glibc@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:d0361a0bc6717f9262dbf71e350da24cd1987755" }, { "ID": "supervisor@4.3.0-r0", "Name": "supervisor", "Identifier": { "PURL": "pkg:apk/wolfi/supervisor@4.3.0-r0?arch=x86_64\u0026distro=20230201", "UID": "5198d7b884b3cd0d", "BOMRef": "pkg:apk/wolfi/supervisor@4.3.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "4.3.0-r0", "Arch": "x86_64", "SrcName": "supervisor", "SrcVersion": "4.3.0-r0", "Licenses": [ "BSD-3-Clause" ], "DependsOn": [ "py3.13-setuptools@82.0.0-r1", "python-3.13-base@3.13.12-r1", "supervisor-config@4.3.0-r0" ], "Layer": { "Digest": "sha256:a747f6d92e505db286702086777df317093d752e20fcf899f21354a6f538878a", "DiffID": "sha256:51bcbb91b4d949bc10c2d0fb1657c439d6de32fe886c68b0ef410c479e86c0a3" }, "Digest": "sha1:6daf57e1bd2a466563021c6c1d2b726d4f32a659" }, { "ID": "supervisor-config@4.3.0-r0", "Name": "supervisor-config", "Identifier": { "PURL": "pkg:apk/wolfi/supervisor-config@4.3.0-r0?arch=x86_64\u0026distro=20230201", "UID": "484a452cc3d9e735", "BOMRef": "pkg:apk/wolfi/supervisor-config@4.3.0-r0?arch=x86_64\u0026distro=20230201" }, "Version": "4.3.0-r0", "Arch": "x86_64", "SrcName": "supervisor", "SrcVersion": "4.3.0-r0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:a747f6d92e505db286702086777df317093d752e20fcf899f21354a6f538878a", "DiffID": "sha256:51bcbb91b4d949bc10c2d0fb1657c439d6de32fe886c68b0ef410c479e86c0a3" }, "Digest": "sha1:9dc25d852bd533a57c94bba2e0649a696c81efae" }, { "ID": "tzdata@2025c-r0", "Name": "tzdata", "Identifier": { "PURL": "pkg:apk/wolfi/tzdata@2025c-r0?arch=x86_64\u0026distro=20230201", "UID": "daa9b6b94838f3d", "BOMRef": "pkg:apk/wolfi/tzdata@2025c-r0?arch=x86_64\u0026distro=20230201" }, "Version": "2025c-r0", "Arch": "x86_64", "SrcName": "tzdata", "SrcVersion": "2025c-r0", "Licenses": [ "CC-PDDC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:2c137e3cd0482cb748f0d5ab1c1907bd2a03598a" }, { "ID": "wolfi-base@1-r7", "Name": "wolfi-base", "Identifier": { "PURL": "pkg:apk/wolfi/wolfi-base@1-r7?arch=x86_64\u0026distro=20230201", "UID": "6f8cf0f66597c990", "BOMRef": "pkg:apk/wolfi/wolfi-base@1-r7?arch=x86_64\u0026distro=20230201" }, "Version": "1-r7", "Arch": "x86_64", "SrcName": "wolfi-base", "SrcVersion": "1-r7", "Licenses": [ "MIT" ], "DependsOn": [ "apk-tools@2.14.10-r10", "busybox@1.37.0-r54", "wolfi-keys@1-r13" ], "Layer": { "Digest": "sha256:cdea145aa11554331de7d95b1834fd4f2a784fa573086475ff0d7c86d3abd020", "DiffID": "sha256:b8195249dcd92d2c0519946f0a9f9d9ec7b88e9a19b5f83bc156103a39d5ab50" }, "Digest": "sha1:e82b5ced3be890350f3a2fb44e41c27929abca1d" }, { "ID": "wolfi-baselayout@20230201-r27", "Name": "wolfi-baselayout", "Identifier": { "PURL": "pkg:apk/wolfi/wolfi-baselayout@20230201-r27?arch=x86_64\u0026distro=20230201", "UID": "57a37cd26a729add", "BOMRef": "pkg:apk/wolfi/wolfi-baselayout@20230201-r27?arch=x86_64\u0026distro=20230201" }, "Version": "20230201-r27", "Arch": "x86_64", "SrcName": "wolfi-baselayout", "SrcVersion": "20230201-r27", "Licenses": [ "MIT" ], "DependsOn": [ "ca-certificates-bundle@20251003-r3" ], "Layer": { "Digest": "sha256:b287abf0b51506c574830a1df8c83ea04b65f96da2d6c71f303f6d994a458b70", "DiffID": "sha256:c38e600be9e3b4d789f0b1f8c9a67b1ff2094481e475a06cea386c5962b57f54" }, "Digest": "sha1:86baca1658b3ab2a62e0e8d8067cce510764ca95" }, { "ID": "wolfi-keys@1-r13", "Name": "wolfi-keys", "Identifier": { "PURL": "pkg:apk/wolfi/wolfi-keys@1-r13?arch=x86_64\u0026distro=20230201", "UID": "6d83bacbf2f192de", "BOMRef": "pkg:apk/wolfi/wolfi-keys@1-r13?arch=x86_64\u0026distro=20230201" }, "Version": "1-r13", "Arch": "x86_64", "SrcName": "wolfi-keys", "SrcVersion": "1-r13", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:cdea145aa11554331de7d95b1834fd4f2a784fa573086475ff0d7c86d3abd020", "DiffID": "sha256:b8195249dcd92d2c0519946f0a9f9d9ec7b88e9a19b5f83bc156103a39d5ab50" }, "Digest": "sha1:c9e9f5b4a87785ae4aae9539e439d85b22c7390d" }, { "ID": "xz@5.8.2-r1", "Name": "xz", "Identifier": { "PURL": "pkg:apk/wolfi/xz@5.8.2-r1?arch=x86_64\u0026distro=20230201", "UID": "bb2f04ce13fecd7", "BOMRef": "pkg:apk/wolfi/xz@5.8.2-r1?arch=x86_64\u0026distro=20230201" }, "Version": "5.8.2-r1", "Arch": "x86_64", "SrcName": "xz", "SrcVersion": "5.8.2-r1", "Licenses": [ "GPL-3.0-or-later" ], "DependsOn": [ "glibc@2.43-r1", "ld-linux@2.43-r1" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "Digest": "sha1:a62ac8ca6b6fce65347163e705059c140c679433" }, { "ID": "zlib@1.3.2-r0", "Name": "zlib", "Identifier": { "PURL": "pkg:apk/wolfi/zlib@1.3.2-r0?arch=x86_64\u0026distro=20230201", "UID": "bdf67a1cd00fe2", "BOMRef": "pkg:apk/wolfi/zlib@1.3.2-r0?arch=x86_64\u0026distro=20230201" }, "Version": "1.3.2-r0", "Arch": "x86_64", "SrcName": "zlib", "SrcVersion": "1.3.2-r0", "Licenses": [ "MPL-2.0", "MIT" ], "DependsOn": [ "glibc@2.43-r1", "wolfi-baselayout@20230201-r27" ], "Layer": { "Digest": "sha256:83aaad0499db295fc3c418431dc48973d2ad0fc36b83ca041ca7ffd882f799dc", "DiffID": "sha256:09415f6704429bf538351a5149a730bf1f254708ab21586991db5bb27b8907bd" }, "Digest": "sha1:5374a82f6bd86f9b9bfca859ad3bbe6ebcd12c41" } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-4437", "PkgID": "glibc@2.43-r1", "PkgName": "glibc", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "19fc32b613e931a6", "BOMRef": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4437", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:6d4bb5cd51797329b2ea694dac228db0968af89e4f984804b2e6e0700378a829", "Title": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4437", "https://nvd.nist.gov/vuln/detail/CVE-2026-4437", "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "https://www.cve.org/CVERecord?id=CVE-2026-4437" ], "PublishedDate": "2026-03-20T20:16:49.477Z", "LastModifiedDate": "2026-03-23T16:16:51.537Z" }, { "VulnerabilityID": "CVE-2026-4438", "PkgID": "glibc@2.43-r1", "PkgName": "glibc", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "19fc32b613e931a6", "BOMRef": "pkg:apk/wolfi/glibc@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4438", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:f1d44e088a6b0d164e23e5a83504b163021770765718a29f8279ac8062af2daa", "Title": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-88" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4438", "https://nvd.nist.gov/vuln/detail/CVE-2026-4438", "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "https://www.cve.org/CVERecord?id=CVE-2026-4438" ], "PublishedDate": "2026-03-20T20:16:49.623Z", "LastModifiedDate": "2026-03-23T15:16:35.68Z" }, { "VulnerabilityID": "CVE-2026-4437", "PkgID": "glibc-locale-posix@2.43-r1", "PkgName": "glibc-locale-posix", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "5e241543b8fe7d0", "BOMRef": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4437", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:521daf8f3842539bb3aa25ba93c6ef2aad6d50f41bed2df13a36b6caa2b5298f", "Title": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4437", "https://nvd.nist.gov/vuln/detail/CVE-2026-4437", "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "https://www.cve.org/CVERecord?id=CVE-2026-4437" ], "PublishedDate": "2026-03-20T20:16:49.477Z", "LastModifiedDate": "2026-03-23T16:16:51.537Z" }, { "VulnerabilityID": "CVE-2026-4438", "PkgID": "glibc-locale-posix@2.43-r1", "PkgName": "glibc-locale-posix", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "5e241543b8fe7d0", "BOMRef": "pkg:apk/wolfi/glibc-locale-posix@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4438", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:ee0f011c3f37926bed5ef517e7fb0f382f155da8269a50802eb930acac0d3856", "Title": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-88" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4438", "https://nvd.nist.gov/vuln/detail/CVE-2026-4438", "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "https://www.cve.org/CVERecord?id=CVE-2026-4438" ], "PublishedDate": "2026-03-20T20:16:49.623Z", "LastModifiedDate": "2026-03-23T15:16:35.68Z" }, { "VulnerabilityID": "CVE-2026-4437", "PkgID": "ld-linux@2.43-r1", "PkgName": "ld-linux", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "e85685852da579df", "BOMRef": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4437", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:42b326035e6b882538844742b9fe0db7af225f98a12b008f541318cc8ab91691", "Title": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4437", "https://nvd.nist.gov/vuln/detail/CVE-2026-4437", "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "https://www.cve.org/CVERecord?id=CVE-2026-4437" ], "PublishedDate": "2026-03-20T20:16:49.477Z", "LastModifiedDate": "2026-03-23T16:16:51.537Z" }, { "VulnerabilityID": "CVE-2026-4438", "PkgID": "ld-linux@2.43-r1", "PkgName": "ld-linux", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "e85685852da579df", "BOMRef": "pkg:apk/wolfi/ld-linux@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4438", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:a7e0e6c33b46ef2c1a94e35ec916460531cb230d4e0f6405c285e1f2597f0b8b", "Title": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-88" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4438", "https://nvd.nist.gov/vuln/detail/CVE-2026-4438", "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "https://www.cve.org/CVERecord?id=CVE-2026-4438" ], "PublishedDate": "2026-03-20T20:16:49.623Z", "LastModifiedDate": "2026-03-23T15:16:35.68Z" }, { "VulnerabilityID": "CVE-2026-4437", "PkgID": "libcrypt1@2.43-r1", "PkgName": "libcrypt1", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "bf9f632e216bab3", "BOMRef": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4437", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:7d8dd5107e67a6d6186145a46d5aa4d3c929e0f0bbee4811fc47f5af923fcbfe", "Title": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.", "Severity": "MEDIUM", "CweIDs": [ "CWE-125" ], "VendorSeverity": { "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4437", "https://nvd.nist.gov/vuln/detail/CVE-2026-4437", "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "https://www.cve.org/CVERecord?id=CVE-2026-4437" ], "PublishedDate": "2026-03-20T20:16:49.477Z", "LastModifiedDate": "2026-03-23T16:16:51.537Z" }, { "VulnerabilityID": "CVE-2026-4438", "PkgID": "libcrypt1@2.43-r1", "PkgName": "libcrypt1", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201", "UID": "bf9f632e216bab3", "BOMRef": "pkg:apk/wolfi/libcrypt1@2.43-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "2.43-r1", "FixedVersion": "2.43-r4", "Status": "fixed", "Layer": { "Digest": "sha256:174181e727b5b4c457e5295d38bfa5f3cec95ead6109576c1612ba7b8570d829", "DiffID": "sha256:0f6669b78ab4e8bdec96bce71f492f2432f03faca3983cc3d1b52b78b231d6fa" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4438", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:3706e8829b9ff6e4c624eac8fc11d507255acf065ec4fc02bd3522802eeb9642", "Title": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "Description": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-88" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4438", "https://nvd.nist.gov/vuln/detail/CVE-2026-4438", "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "https://www.cve.org/CVERecord?id=CVE-2026-4438" ], "PublishedDate": "2026-03-20T20:16:49.623Z", "LastModifiedDate": "2026-03-23T15:16:35.68Z" }, { "VulnerabilityID": "CVE-2026-2673", "PkgID": "libcrypto3@3.6.1-r1", "PkgName": "libcrypto3", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/libcrypto3@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "85aab75953abd74", "BOMRef": "pkg:apk/wolfi/libcrypto3@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.6.1-r1", "FixedVersion": "3.6.1-r3", "Status": "fixed", "Layer": { "Digest": "sha256:02fc55a9c757fa6bcfe11d95fb21dbe82723d434ab5cb91cfedf674fb3eb8267", "DiffID": "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2673", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:751c65f81823126d21597c04e4ba7a1e474b21cd8db19972f2224be6914524f8", "Title": "openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group", "Description": "Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected\npreferred key exchange group when its key exchange group configuration includes\nthe default by using the 'DEFAULT' keyword.\n\nImpact summary: A less preferred key exchange may be used even when a more\npreferred group is supported by both client and server, if the group\nwas not included among the client's initial predicated keyshares.\nThis will sometimes be the case with the new hybrid post-quantum groups,\nif the client chooses to defer their use until specifically requested by\nthe server.\n\nIf an OpenSSL TLS 1.3 server's configuration uses the 'DEFAULT' keyword to\ninterpolate the built-in default group list into its own configuration, perhaps\nadding or removing specific elements, then an implementation defect causes the\n'DEFAULT' list to lose its 'tuple' structure, and all server-supported groups\nwere treated as a single sufficiently secure 'tuple', with the server not\nsending a Hello Retry Request (HRR) even when a group in a more preferred tuple\nwas mutually supported.\n\nAs a result, the client and server might fail to negotiate a mutually supported\npost-quantum key agreement group, such as 'X25519MLKEM768', if the client's\nconfiguration results in only 'classical' groups (such as 'X25519' being the\nonly ones in the client's initial keyshare prediction).\n\nOpenSSL 3.5 and later support a new syntax for selecting the most preferred TLS\n1.3 key agreement group on TLS servers. The old syntax had a single 'flat'\nlist of groups, and treated all the supported groups as sufficiently secure.\nIf any of the keyshares predicted by the client were supported by the server\nthe most preferred among these was selected, even if other groups supported by\nthe client, but not included in the list of predicted keyshares would have been\nmore preferred, if included.\n\nThe new syntax partitions the groups into distinct 'tuples' of roughly\nequivalent security. Within each tuple the most preferred group included among\nthe client's predicted keyshares is chosen, but if the client supports a group\nfrom a more preferred tuple, but did not predict any corresponding keyshares,\nthe server will ask the client to retry the ClientHello (by issuing a Hello\nRetry Request or HRR) with the most preferred mutually supported group.\n\nThe above works as expected when the server's configuration uses the built-in\ndefault group list, or explicitly defines its own list by directly defining the\nvarious desired groups and group 'tuples'.\n\nNo OpenSSL FIPS modules are affected by this issue, the code in question lies\noutside the FIPS boundary.\n\nOpenSSL 3.6 and 3.5 are vulnerable to this issue.\n\nOpenSSL 3.6 users should upgrade to OpenSSL 3.6.2 once it is released.\nOpenSSL 3.5 users should upgrade to OpenSSL 3.5.6 once it is released.\n\nOpenSSL 3.4, 3.3, 3.0, 1.0.2 and 1.1.1 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-757" ], "VendorSeverity": { "amazon": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/13/3", "https://access.redhat.com/security/cve/CVE-2026-2673", "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f", "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34", "https://nvd.nist.gov/vuln/detail/CVE-2026-2673", "https://openssl-library.org/news/secadv/20260313.txt", "https://www.cve.org/CVERecord?id=CVE-2026-2673" ], "PublishedDate": "2026-03-13T19:54:34.033Z", "LastModifiedDate": "2026-03-17T18:16:15.6Z" }, { "VulnerabilityID": "CVE-2026-2673", "PkgID": "libssl3@3.6.1-r1", "PkgName": "libssl3", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/libssl3@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "2737a9b43318bb67", "BOMRef": "pkg:apk/wolfi/libssl3@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.6.1-r1", "FixedVersion": "3.6.1-r3", "Status": "fixed", "Layer": { "Digest": "sha256:02fc55a9c757fa6bcfe11d95fb21dbe82723d434ab5cb91cfedf674fb3eb8267", "DiffID": "sha256:2d64e69fa70c9611b9326f3de269d8fb379f944951ca8087d6558c92263697c0" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2673", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:13c3a0b100c1ce0f5d3782ce0f206af77d91dc3da6d5338d3d6a5dc7ba5e7ab5", "Title": "openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group", "Description": "Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected\npreferred key exchange group when its key exchange group configuration includes\nthe default by using the 'DEFAULT' keyword.\n\nImpact summary: A less preferred key exchange may be used even when a more\npreferred group is supported by both client and server, if the group\nwas not included among the client's initial predicated keyshares.\nThis will sometimes be the case with the new hybrid post-quantum groups,\nif the client chooses to defer their use until specifically requested by\nthe server.\n\nIf an OpenSSL TLS 1.3 server's configuration uses the 'DEFAULT' keyword to\ninterpolate the built-in default group list into its own configuration, perhaps\nadding or removing specific elements, then an implementation defect causes the\n'DEFAULT' list to lose its 'tuple' structure, and all server-supported groups\nwere treated as a single sufficiently secure 'tuple', with the server not\nsending a Hello Retry Request (HRR) even when a group in a more preferred tuple\nwas mutually supported.\n\nAs a result, the client and server might fail to negotiate a mutually supported\npost-quantum key agreement group, such as 'X25519MLKEM768', if the client's\nconfiguration results in only 'classical' groups (such as 'X25519' being the\nonly ones in the client's initial keyshare prediction).\n\nOpenSSL 3.5 and later support a new syntax for selecting the most preferred TLS\n1.3 key agreement group on TLS servers. The old syntax had a single 'flat'\nlist of groups, and treated all the supported groups as sufficiently secure.\nIf any of the keyshares predicted by the client were supported by the server\nthe most preferred among these was selected, even if other groups supported by\nthe client, but not included in the list of predicted keyshares would have been\nmore preferred, if included.\n\nThe new syntax partitions the groups into distinct 'tuples' of roughly\nequivalent security. Within each tuple the most preferred group included among\nthe client's predicted keyshares is chosen, but if the client supports a group\nfrom a more preferred tuple, but did not predict any corresponding keyshares,\nthe server will ask the client to retry the ClientHello (by issuing a Hello\nRetry Request or HRR) with the most preferred mutually supported group.\n\nThe above works as expected when the server's configuration uses the built-in\ndefault group list, or explicitly defines its own list by directly defining the\nvarious desired groups and group 'tuples'.\n\nNo OpenSSL FIPS modules are affected by this issue, the code in question lies\noutside the FIPS boundary.\n\nOpenSSL 3.6 and 3.5 are vulnerable to this issue.\n\nOpenSSL 3.6 users should upgrade to OpenSSL 3.6.2 once it is released.\nOpenSSL 3.5 users should upgrade to OpenSSL 3.5.6 once it is released.\n\nOpenSSL 3.4, 3.3, 3.0, 1.0.2 and 1.1.1 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-757" ], "VendorSeverity": { "amazon": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/13/3", "https://access.redhat.com/security/cve/CVE-2026-2673", "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f", "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34", "https://nvd.nist.gov/vuln/detail/CVE-2026-2673", "https://openssl-library.org/news/secadv/20260313.txt", "https://www.cve.org/CVERecord?id=CVE-2026-2673" ], "PublishedDate": "2026-03-13T19:54:34.033Z", "LastModifiedDate": "2026-03-17T18:16:15.6Z" }, { "VulnerabilityID": "CVE-2026-27903", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.11.0-r1", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:fd5cd6c78599e07643bad40e969f6be956f49e733abf3f1857bf110cc1b1b5a5", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27904", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.11.0-r1", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:394082b13c2893511e300879900171ca3de1b37bc9f1914206af7f9ad2c66d26", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-29786", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.11.0-r2", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "nvd", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:68db30ad8e6f7e44ad5aec6354f9170f8952c3f3732fcd7d2791299f7c6d19eb", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "MEDIUM", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-33671", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.12.1-r0", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:7e855e779f2aad6fd4e11909d7a414c359f69a450782b04bfd4a447c16cd94d3", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33672", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.12.1-r0", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:7e6f31be8be2edfda6de7b7efa6efe3ac851d969e551b03b8c2ebde10e86a0b9", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-33750", "PkgID": "npm@11.11.0-r0", "PkgName": "npm", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201", "UID": "c894cc73f0139231", "BOMRef": "pkg:apk/wolfi/npm@11.11.0-r0?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "11.11.0-r0", "FixedVersion": "11.12.1-r0", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:8fd0168e720346136a937f414a090cd398d33eb833e770f0cfac7da21cf8bea1", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-2673", "PkgID": "openssl@3.6.1-r1", "PkgName": "openssl", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/openssl@3.6.1-r1?arch=x86_64\u0026distro=20230201", "UID": "7ca336c25485b50d", "BOMRef": "pkg:apk/wolfi/openssl@3.6.1-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.6.1-r1", "FixedVersion": "3.6.1-r3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2673", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:2e9337d037d4eac87dcb74e4d94bd528e66a180d0c23dfbcbe356a020b1f1a3f", "Title": "openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group", "Description": "Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected\npreferred key exchange group when its key exchange group configuration includes\nthe default by using the 'DEFAULT' keyword.\n\nImpact summary: A less preferred key exchange may be used even when a more\npreferred group is supported by both client and server, if the group\nwas not included among the client's initial predicated keyshares.\nThis will sometimes be the case with the new hybrid post-quantum groups,\nif the client chooses to defer their use until specifically requested by\nthe server.\n\nIf an OpenSSL TLS 1.3 server's configuration uses the 'DEFAULT' keyword to\ninterpolate the built-in default group list into its own configuration, perhaps\nadding or removing specific elements, then an implementation defect causes the\n'DEFAULT' list to lose its 'tuple' structure, and all server-supported groups\nwere treated as a single sufficiently secure 'tuple', with the server not\nsending a Hello Retry Request (HRR) even when a group in a more preferred tuple\nwas mutually supported.\n\nAs a result, the client and server might fail to negotiate a mutually supported\npost-quantum key agreement group, such as 'X25519MLKEM768', if the client's\nconfiguration results in only 'classical' groups (such as 'X25519' being the\nonly ones in the client's initial keyshare prediction).\n\nOpenSSL 3.5 and later support a new syntax for selecting the most preferred TLS\n1.3 key agreement group on TLS servers. The old syntax had a single 'flat'\nlist of groups, and treated all the supported groups as sufficiently secure.\nIf any of the keyshares predicted by the client were supported by the server\nthe most preferred among these was selected, even if other groups supported by\nthe client, but not included in the list of predicted keyshares would have been\nmore preferred, if included.\n\nThe new syntax partitions the groups into distinct 'tuples' of roughly\nequivalent security. Within each tuple the most preferred group included among\nthe client's predicted keyshares is chosen, but if the client supports a group\nfrom a more preferred tuple, but did not predict any corresponding keyshares,\nthe server will ask the client to retry the ClientHello (by issuing a Hello\nRetry Request or HRR) with the most preferred mutually supported group.\n\nThe above works as expected when the server's configuration uses the built-in\ndefault group list, or explicitly defines its own list by directly defining the\nvarious desired groups and group 'tuples'.\n\nNo OpenSSL FIPS modules are affected by this issue, the code in question lies\noutside the FIPS boundary.\n\nOpenSSL 3.6 and 3.5 are vulnerable to this issue.\n\nOpenSSL 3.6 users should upgrade to OpenSSL 3.6.2 once it is released.\nOpenSSL 3.5 users should upgrade to OpenSSL 3.5.6 once it is released.\n\nOpenSSL 3.4, 3.3, 3.0, 1.0.2 and 1.1.1 are not affected by this issue.", "Severity": "LOW", "CweIDs": [ "CWE-757" ], "VendorSeverity": { "amazon": 1, "redhat": 1, "ubuntu": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/13/3", "https://access.redhat.com/security/cve/CVE-2026-2673", "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f", "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34", "https://nvd.nist.gov/vuln/detail/CVE-2026-2673", "https://openssl-library.org/news/secadv/20260313.txt", "https://www.cve.org/CVERecord?id=CVE-2026-2673" ], "PublishedDate": "2026-03-13T19:54:34.033Z", "LastModifiedDate": "2026-03-17T18:16:15.6Z" }, { "VulnerabilityID": "CVE-2026-4519", "PkgID": "python-3.13@3.13.12-r1", "PkgName": "python-3.13", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r5", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4519", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:3707c6fb0bd8a3dc99ca045912430d7fd10485f6e1c440846a86af502da6efd3", "Title": "python: Python: Command-line option injection in webbrowser.open() via crafted URLs", "Description": "The webbrowser.open() API would accept leading dashes in the URL which \ncould be handled as command line options for certain web browsers. New \nbehavior rejects leading dashes. Users are recommended to sanitize URLs \nprior to passing to webbrowser.open().", "Severity": "HIGH", "CweIDs": [ "CWE-20" ], "VendorSeverity": { "alma": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "V3Score": 7.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/20/1", "https://access.redhat.com/errata/RHSA-2026:6286", "https://access.redhat.com/security/cve/CVE-2026-4519", "https://bugzilla.redhat.com/2449649", "https://errata.almalinux.org/9/ALSA-2026-6286.html", "https://github.com/python/cpython/commit/43fe06b96f6a6cf5cfd5bdab20b8649374956866", "https://github.com/python/cpython/commit/82a24a4442312bdcfc4c799885e8b3e00990f02b", "https://github.com/python/cpython/commit/9669a912a0e329c094e992204d6bdb8787024d76", "https://github.com/python/cpython/commit/ad4d5ba32af4d80b0dfa2ba9d8203bfb219e60a5", "https://github.com/python/cpython/commit/cbba6119391112aba9c5aebf7b94aea447922c48", "https://github.com/python/cpython/commit/ceac1efc66516ac387eef2c9a0ce671895b44f03", "https://github.com/python/cpython/issues/143930", "https://github.com/python/cpython/pull/143931", "https://linux.oracle.com/cve/CVE-2026-4519.html", "https://linux.oracle.com/errata/ELSA-2026-6473.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/", "https://nvd.nist.gov/vuln/detail/CVE-2026-4519", "https://www.cve.org/CVERecord?id=CVE-2026-4519" ], "PublishedDate": "2026-03-20T15:16:24.057Z", "LastModifiedDate": "2026-03-25T18:16:33.073Z" }, { "VulnerabilityID": "CVE-2026-3644", "PkgID": "python-3.13@3.13.12-r1", "PkgName": "python-3.13", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r7", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3644", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:54b210ba0191064e6e877d318593acea49caa9cbd4e95e40d032cefa2e951a08", "Title": "cpython: Incomplete control character validation in http.cookies", "Description": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-116" ], "VendorSeverity": { "amazon": 2, "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 5.4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3644", "https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4", "https://github.com/python/cpython/commit/62ceb396fcbe69da1ded3702de586f4072b590dd", "https://github.com/python/cpython/commit/d16ecc6c3626f0e2cc8f08c309c83934e8a979dd", "https://github.com/python/cpython/issues/145599", "https://github.com/python/cpython/pull/145600", "https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/", "https://nvd.nist.gov/vuln/detail/CVE-2026-3644", "https://www.cve.org/CVERecord?id=CVE-2026-3644" ], "PublishedDate": "2026-03-16T18:16:09.907Z", "LastModifiedDate": "2026-03-17T14:20:01.67Z" }, { "VulnerabilityID": "CVE-2026-4224", "PkgID": "python-3.13@3.13.12-r1", "PkgName": "python-3.13", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r7", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4224", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:aa9ac4e7e9858fd2a71f76181b232d10b014f730c4f08562224b270326ccbd3b", "Title": "cpython: Stack overflow parsing XML with deeply nested DTD content models", "Description": "When an Expat parser with a registered ElementDeclHandler parses an inline\ndocument type definition containing a deeply nested content model a C stack\noverflow occurs.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/16/4", "https://access.redhat.com/security/cve/CVE-2026-4224", "https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a", "https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3", "https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768", "https://github.com/python/cpython/issues/145986", "https://github.com/python/cpython/pull/145987", "https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/", "https://nvd.nist.gov/vuln/detail/CVE-2026-4224", "https://www.cve.org/CVERecord?id=CVE-2026-4224" ], "PublishedDate": "2026-03-16T18:16:10.07Z", "LastModifiedDate": "2026-03-17T14:20:01.67Z" }, { "VulnerabilityID": "CVE-2026-2297", "PkgID": "python-3.13@3.13.12-r1", "PkgName": "python-3.13", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "cfe1eaf6179d062a", "BOMRef": "pkg:apk/wolfi/python-3.13@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2297", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:a92a40beed474de6e0e5fdfed4a0f6aa282b92eec7b0e520093dc3660f87baed", "Title": "cpython: CPython: Logging Bypass in Legacy .pyc File Handling", "Description": "The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire.", "Severity": "LOW", "CweIDs": [ "CWE-668" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/05/6", "https://access.redhat.com/security/cve/CVE-2026-2297", "https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e", "https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e", "https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86", "https://github.com/python/cpython/issues/145506", "https://github.com/python/cpython/pull/145507", "https://nvd.nist.gov/vuln/detail/CVE-2026-2297", "https://www.cve.org/CVERecord?id=CVE-2026-2297" ], "PublishedDate": "2026-03-04T23:16:10.757Z", "LastModifiedDate": "2026-03-12T15:16:27.957Z" }, { "VulnerabilityID": "CVE-2026-4519", "PkgID": "python-3.13-base@3.13.12-r1", "PkgName": "python-3.13-base", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r5", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4519", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:c18ab11ab15ca4f6a1d3744c18859685585114754870919ef26e434462cdcd33", "Title": "python: Python: Command-line option injection in webbrowser.open() via crafted URLs", "Description": "The webbrowser.open() API would accept leading dashes in the URL which \ncould be handled as command line options for certain web browsers. New \nbehavior rejects leading dashes. Users are recommended to sanitize URLs \nprior to passing to webbrowser.open().", "Severity": "HIGH", "CweIDs": [ "CWE-20" ], "VendorSeverity": { "alma": 3, "azure": 3, "cbl-mariner": 3, "oracle-oval": 3, "photon": 3, "redhat": 3 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", "V3Score": 7.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/20/1", "https://access.redhat.com/errata/RHSA-2026:6286", "https://access.redhat.com/security/cve/CVE-2026-4519", "https://bugzilla.redhat.com/2449649", "https://errata.almalinux.org/9/ALSA-2026-6286.html", "https://github.com/python/cpython/commit/43fe06b96f6a6cf5cfd5bdab20b8649374956866", "https://github.com/python/cpython/commit/82a24a4442312bdcfc4c799885e8b3e00990f02b", "https://github.com/python/cpython/commit/9669a912a0e329c094e992204d6bdb8787024d76", "https://github.com/python/cpython/commit/ad4d5ba32af4d80b0dfa2ba9d8203bfb219e60a5", "https://github.com/python/cpython/commit/cbba6119391112aba9c5aebf7b94aea447922c48", "https://github.com/python/cpython/commit/ceac1efc66516ac387eef2c9a0ce671895b44f03", "https://github.com/python/cpython/issues/143930", "https://github.com/python/cpython/pull/143931", "https://linux.oracle.com/cve/CVE-2026-4519.html", "https://linux.oracle.com/errata/ELSA-2026-6473.html", "https://mail.python.org/archives/list/security-announce@python.org/thread/AY5NDSS433JK56Q7Q5IS7B37QFZVVOUS/", "https://nvd.nist.gov/vuln/detail/CVE-2026-4519", "https://www.cve.org/CVERecord?id=CVE-2026-4519" ], "PublishedDate": "2026-03-20T15:16:24.057Z", "LastModifiedDate": "2026-03-25T18:16:33.073Z" }, { "VulnerabilityID": "CVE-2026-3644", "PkgID": "python-3.13-base@3.13.12-r1", "PkgName": "python-3.13-base", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r7", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3644", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:20b4b4ef36cee47b76cd032d1a24323872a5b1b543f71f1634f6ff81d18597f9", "Title": "cpython: Incomplete control character validation in http.cookies", "Description": "The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-116" ], "VendorSeverity": { "amazon": 2, "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "V3Score": 5.4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3644", "https://github.com/python/cpython/commit/57e88c1cf95e1481b94ae57abe1010469d47a6b4", "https://github.com/python/cpython/commit/62ceb396fcbe69da1ded3702de586f4072b590dd", "https://github.com/python/cpython/commit/d16ecc6c3626f0e2cc8f08c309c83934e8a979dd", "https://github.com/python/cpython/issues/145599", "https://github.com/python/cpython/pull/145600", "https://mail.python.org/archives/list/security-announce@python.org/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/", "https://nvd.nist.gov/vuln/detail/CVE-2026-3644", "https://www.cve.org/CVERecord?id=CVE-2026-3644" ], "PublishedDate": "2026-03-16T18:16:09.907Z", "LastModifiedDate": "2026-03-17T14:20:01.67Z" }, { "VulnerabilityID": "CVE-2026-4224", "PkgID": "python-3.13-base@3.13.12-r1", "PkgName": "python-3.13-base", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r7", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4224", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:7ff0eb3343ceb0bf44578da3751029b5e2908518ceb4ac9a33c6f883b7e7b018", "Title": "cpython: Stack overflow parsing XML with deeply nested DTD content models", "Description": "When an Expat parser with a registered ElementDeclHandler parses an inline\ndocument type definition containing a deeply nested content model a C stack\noverflow occurs.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "redhat": 2 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/16/4", "https://access.redhat.com/security/cve/CVE-2026-4224", "https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a", "https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3", "https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768", "https://github.com/python/cpython/issues/145986", "https://github.com/python/cpython/pull/145987", "https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/", "https://nvd.nist.gov/vuln/detail/CVE-2026-4224", "https://www.cve.org/CVERecord?id=CVE-2026-4224" ], "PublishedDate": "2026-03-16T18:16:10.07Z", "LastModifiedDate": "2026-03-17T14:20:01.67Z" }, { "VulnerabilityID": "CVE-2026-2297", "PkgID": "python-3.13-base@3.13.12-r1", "PkgName": "python-3.13-base", "PkgIdentifier": { "PURL": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201", "UID": "6f728fd632cf7903", "BOMRef": "pkg:apk/wolfi/python-3.13-base@3.13.12-r1?arch=x86_64\u0026distro=20230201" }, "InstalledVersion": "3.13.12-r1", "FixedVersion": "3.13.12-r3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2297", "DataSource": { "ID": "wolfi", "Name": "Wolfi Secdb", "URL": "https://packages.wolfi.dev/os/security.json" }, "Fingerprint": "sha256:859a36abd91e5387b020bf86eb4bd4f062fead338aeb050459b83ec618ad4119", "Title": "cpython: CPython: Logging Bypass in Legacy .pyc File Handling", "Description": "The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code() to read the .pyc files. sys.audit handlers for this audit event therefore do not fire.", "Severity": "LOW", "CweIDs": [ "CWE-668" ], "VendorSeverity": { "redhat": 1 }, "CVSS": { "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.3 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/05/6", "https://access.redhat.com/security/cve/CVE-2026-2297", "https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e", "https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e", "https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86", "https://github.com/python/cpython/issues/145506", "https://github.com/python/cpython/pull/145507", "https://nvd.nist.gov/vuln/detail/CVE-2026-2297", "https://www.cve.org/CVERecord?id=CVE-2026-2297" ], "PublishedDate": "2026-03-04T23:16:10.757Z", "LastModifiedDate": "2026-03-12T15:16:27.957Z" } ] }, { "Target": "Node.js", "Class": "lang-pkgs", "Type": "node-pkg", "Packages": [ { "ID": "@gar/promise-retry@1.0.2", "Name": "@gar/promise-retry", "Identifier": { "PURL": "pkg:npm/%40gar/promise-retry@1.0.2", "UID": "1aaf56ed7c84f070", "BOMRef": "pkg:npm/%40gar/promise-retry@1.0.2" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@gar/promise-retry/package.json", "Digest": "sha1:85c1a6717187a21b3cb7799f0a83c288145dfef2" }, { "ID": "@isaacs/balanced-match@4.0.1", "Name": "@isaacs/balanced-match", "Identifier": { "PURL": "pkg:npm/%40isaacs/balanced-match@4.0.1", "UID": "1df8a8019f5f5a9a", "BOMRef": "ec3dee21-3a18-4637-96bb-a8f6f90165ab" }, "Version": "4.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/balanced-match/package.json", "Digest": "sha1:17c25730c5cb82e1d4ee1c212f2b2588dd5a3781" }, { "ID": "@isaacs/balanced-match@4.0.1", "Name": "@isaacs/balanced-match", "Identifier": { "PURL": "pkg:npm/%40isaacs/balanced-match@4.0.1", "UID": "80c7cfcf6ee9d4c3", "BOMRef": "54a85164-a93a-4b1e-b8b1-d40feab98753" }, "Version": "4.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/brace-expansion/node_modules/@isaacs/balanced-match/package.json", "Digest": "sha1:17c25730c5cb82e1d4ee1c212f2b2588dd5a3781" }, { "ID": "@isaacs/balanced-match@4.0.1", "Name": "@isaacs/balanced-match", "Identifier": { "PURL": "pkg:npm/%40isaacs/balanced-match@4.0.1", "UID": "a7b05b08ec48f4e0", "BOMRef": "1cd70827-6b5f-4663-936e-0f5e51fe3435" }, "Version": "4.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/@isaacs/brace-expansion/node_modules/@isaacs/balanced-match/package.json", "Digest": "sha1:17c25730c5cb82e1d4ee1c212f2b2588dd5a3781" }, { "ID": "@isaacs/brace-expansion@5.0.1", "Name": "@isaacs/brace-expansion", "Identifier": { "PURL": "pkg:npm/%40isaacs/brace-expansion@5.0.1", "UID": "b68f75afe460ce86", "BOMRef": "d3649f84-1c10-4e1a-b0e1-d016dd0920eb" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/brace-expansion/package.json", "Digest": "sha1:582e89e8912ed72319d3768c79b15781164e5594" }, { "ID": "@isaacs/brace-expansion@5.0.1", "Name": "@isaacs/brace-expansion", "Identifier": { "PURL": "pkg:npm/%40isaacs/brace-expansion@5.0.1", "UID": "48e872d8def051dd", "BOMRef": "ce61f7f6-af12-4e27-a04b-33804d2d0e8d" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/@isaacs/brace-expansion/package.json", "Digest": "sha1:582e89e8912ed72319d3768c79b15781164e5594" }, { "ID": "@isaacs/cliui@9.0.0", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@9.0.0", "UID": "51d33169582940e", "BOMRef": "9523a50a-f2de-4705-819d-f6721ddc631e" }, "Version": "9.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/@isaacs/cliui/package.json", "Digest": "sha1:1ce0188abd4792f8dbcd6fede4f6bfc508a2e3fe" }, { "ID": "@isaacs/cliui@9.0.0", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@9.0.0", "UID": "593aa009bad24a90", "BOMRef": "618d2148-fe19-4da9-bb30-db139e705fb1" }, "Version": "9.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/@isaacs/cliui/package.json", "Digest": "sha1:1ce0188abd4792f8dbcd6fede4f6bfc508a2e3fe" }, { "ID": "@isaacs/cliui@9.0.0", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@9.0.0", "UID": "662d94f7d7942372", "BOMRef": "7e297c4a-451e-40e6-9816-708ae7e10c6a" }, "Version": "9.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/@isaacs/cliui/package.json", "Digest": "sha1:1ce0188abd4792f8dbcd6fede4f6bfc508a2e3fe" }, { "ID": "@isaacs/cliui@9.0.0", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@9.0.0", "UID": "f986dd37079465fe", "BOMRef": "e25f2e7d-993b-49b6-9ddf-8c67d497362b" }, "Version": "9.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/@isaacs/cliui/package.json", "Digest": "sha1:1ce0188abd4792f8dbcd6fede4f6bfc508a2e3fe" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "dc1562235124ab99", "BOMRef": "35c276eb-6652-406d-8502-96768e4873cd" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "1798a7985ac78b1c", "BOMRef": "c7f908f5-b293-4e48-86c2-17e14b48fecf" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "83a77d97341d380d", "BOMRef": "ae3e778e-e666-4e25-8aa6-2850b8b6f1b8" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "b98ef37a1df1f4c1", "BOMRef": "44a9a535-4e14-4410-a936-9c1229ff01bf" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "530c099fdd0dffb7", "BOMRef": "317e1ecf-3875-4b84-a25c-76f517480f33" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/fs-minipass@4.0.1", "Name": "@isaacs/fs-minipass", "Identifier": { "PURL": "pkg:npm/%40isaacs/fs-minipass@4.0.1", "UID": "d9238ac33ded6803", "BOMRef": "2dc0d226-2813-467b-bc92-6710460bfe13" }, "Version": "4.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/@isaacs/fs-minipass/package.json", "Digest": "sha1:504edba0a95630e08edf150335c2fe914825fc5a" }, { "ID": "@isaacs/string-locale-compare@1.1.0", "Name": "@isaacs/string-locale-compare", "Identifier": { "PURL": "pkg:npm/%40isaacs/string-locale-compare@1.1.0", "UID": "32f3e7c011fd6b29", "BOMRef": "ad5b0fee-9a16-48de-bc44-8e225caed8f2" }, "Version": "1.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@isaacs/string-locale-compare/package.json", "Digest": "sha1:9dc38644ea6f125e3b06825ff04df5ea22f56094" }, { "ID": "@isaacs/string-locale-compare@1.1.0", "Name": "@isaacs/string-locale-compare", "Identifier": { "PURL": "pkg:npm/%40isaacs/string-locale-compare@1.1.0", "UID": "bb13f26be6c8caf", "BOMRef": "a7fed377-48a4-466e-98a3-93dac49c8830" }, "Version": "1.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@isaacs/string-locale-compare/package.json", "Digest": "sha1:9dc38644ea6f125e3b06825ff04df5ea22f56094" }, { "ID": "@npmcli/agent@4.0.0", "Name": "@npmcli/agent", "Identifier": { "PURL": "pkg:npm/%40npmcli/agent@4.0.0", "UID": "712d1a39fd22a503", "BOMRef": "b785f4dc-1ee3-448f-bae2-71905b794da9" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/agent/package.json", "Digest": "sha1:48e34f21103faf00d9c60756e62dee09494be465" }, { "ID": "@npmcli/agent@4.0.0", "Name": "@npmcli/agent", "Identifier": { "PURL": "pkg:npm/%40npmcli/agent@4.0.0", "UID": "8650ed583aa5fac", "BOMRef": "fd4fa78f-5e38-4e3b-b795-01d62c962410" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/agent/package.json", "Digest": "sha1:48e34f21103faf00d9c60756e62dee09494be465" }, { "ID": "@npmcli/arborist@9.1.10", "Name": "@npmcli/arborist", "Identifier": { "PURL": "pkg:npm/%40npmcli/arborist@9.1.10", "UID": "b9d60dc5ccabb409", "BOMRef": "pkg:npm/%40npmcli/arborist@9.1.10" }, "Version": "9.1.10", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/arborist/package.json", "Digest": "sha1:8e4589e96293dc11053236ce210a3e55de99e7b9" }, { "ID": "@npmcli/arborist@9.4.0", "Name": "@npmcli/arborist", "Identifier": { "PURL": "pkg:npm/%40npmcli/arborist@9.4.0", "UID": "716cf22bad19062b", "BOMRef": "pkg:npm/%40npmcli/arborist@9.4.0" }, "Version": "9.4.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/arborist/package.json", "Digest": "sha1:4dffd9d49bb5c28f83f8741799d6368e71ac0d4f" }, { "ID": "@npmcli/config@10.5.0", "Name": "@npmcli/config", "Identifier": { "PURL": "pkg:npm/%40npmcli/config@10.5.0", "UID": "1594f82a1a72930d", "BOMRef": "pkg:npm/%40npmcli/config@10.5.0" }, "Version": "10.5.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/config/package.json", "Digest": "sha1:3ff7c610ec3542ff18bc54df984f23a2c29f06aa" }, { "ID": "@npmcli/config@10.7.1", "Name": "@npmcli/config", "Identifier": { "PURL": "pkg:npm/%40npmcli/config@10.7.1", "UID": "a3bb955ce5706526", "BOMRef": "pkg:npm/%40npmcli/config@10.7.1" }, "Version": "10.7.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/config/package.json", "Digest": "sha1:779af7712d5765f5b69dc3f99ae8dfb2d6600e1c" }, { "ID": "@npmcli/fs@5.0.0", "Name": "@npmcli/fs", "Identifier": { "PURL": "pkg:npm/%40npmcli/fs@5.0.0", "UID": "9eddb561864df718", "BOMRef": "0de3351d-1222-42d5-b323-7f3ac4c4394b" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/fs/package.json", "Digest": "sha1:3a4053128a62fd9581012b83ef531b95397167e3" }, { "ID": "@npmcli/fs@5.0.0", "Name": "@npmcli/fs", "Identifier": { "PURL": "pkg:npm/%40npmcli/fs@5.0.0", "UID": "e7516722a7efc465", "BOMRef": "de65f34e-ca7f-4790-9599-78362fcbfce1" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/fs/package.json", "Digest": "sha1:3a4053128a62fd9581012b83ef531b95397167e3" }, { "ID": "@npmcli/git@7.0.1", "Name": "@npmcli/git", "Identifier": { "PURL": "pkg:npm/%40npmcli/git@7.0.1", "UID": "d7ea83d795a159ff", "BOMRef": "pkg:npm/%40npmcli/git@7.0.1" }, "Version": "7.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/git/package.json", "Digest": "sha1:d74915bdb0a742b4c720d33fff12917072da12ab" }, { "ID": "@npmcli/git@7.0.2", "Name": "@npmcli/git", "Identifier": { "PURL": "pkg:npm/%40npmcli/git@7.0.2", "UID": "655c56fbdc7a89d6", "BOMRef": "pkg:npm/%40npmcli/git@7.0.2" }, "Version": "7.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/git/package.json", "Digest": "sha1:3ef6957cc9f0604d0b1b9c368be2d9d562f0a2ca" }, { "ID": "@npmcli/installed-package-contents@4.0.0", "Name": "@npmcli/installed-package-contents", "Identifier": { "PURL": "pkg:npm/%40npmcli/installed-package-contents@4.0.0", "UID": "bbf6cdc7c828b05d", "BOMRef": "39aa522b-7c8f-4d1d-8d4d-878753fafe75" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/installed-package-contents/package.json", "Digest": "sha1:189051543dd09896a1c31f80390afe0b5306d4c0" }, { "ID": "@npmcli/installed-package-contents@4.0.0", "Name": "@npmcli/installed-package-contents", "Identifier": { "PURL": "pkg:npm/%40npmcli/installed-package-contents@4.0.0", "UID": "dd7d363ca4106865", "BOMRef": "a7c7614a-bf3d-481f-bbd9-006b5ba62094" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/installed-package-contents/package.json", "Digest": "sha1:189051543dd09896a1c31f80390afe0b5306d4c0" }, { "ID": "@npmcli/map-workspaces@5.0.3", "Name": "@npmcli/map-workspaces", "Identifier": { "PURL": "pkg:npm/%40npmcli/map-workspaces@5.0.3", "UID": "8e6564cc116593d1", "BOMRef": "515468e2-ea96-412e-ad49-df389c506d74" }, "Version": "5.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/map-workspaces/package.json", "Digest": "sha1:9b2b024266bb8c342ed0bfbefb1c48a7d9b0c015" }, { "ID": "@npmcli/map-workspaces@5.0.3", "Name": "@npmcli/map-workspaces", "Identifier": { "PURL": "pkg:npm/%40npmcli/map-workspaces@5.0.3", "UID": "896b26248e6ea473", "BOMRef": "4a8a85ac-2486-4f40-a1ee-81ade2af70a2" }, "Version": "5.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/map-workspaces/package.json", "Digest": "sha1:9b2b024266bb8c342ed0bfbefb1c48a7d9b0c015" }, { "ID": "@npmcli/metavuln-calculator@9.0.3", "Name": "@npmcli/metavuln-calculator", "Identifier": { "PURL": "pkg:npm/%40npmcli/metavuln-calculator@9.0.3", "UID": "ed210fa945301e04", "BOMRef": "6092453a-c2b6-4ca0-ab00-a97048830fae" }, "Version": "9.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/metavuln-calculator/package.json", "Digest": "sha1:ef331816f66b624d692f45b26c2e6a910767656c" }, { "ID": "@npmcli/metavuln-calculator@9.0.3", "Name": "@npmcli/metavuln-calculator", "Identifier": { "PURL": "pkg:npm/%40npmcli/metavuln-calculator@9.0.3", "UID": "37f66d2c6347f92d", "BOMRef": "0563784f-35d7-438c-97a0-29ec68595a71" }, "Version": "9.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/metavuln-calculator/package.json", "Digest": "sha1:ef331816f66b624d692f45b26c2e6a910767656c" }, { "ID": "@npmcli/name-from-folder@4.0.0", "Name": "@npmcli/name-from-folder", "Identifier": { "PURL": "pkg:npm/%40npmcli/name-from-folder@4.0.0", "UID": "dffbdb4639f051ab", "BOMRef": "4611592d-afce-47b6-bc44-092de84ab227" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/name-from-folder/package.json", "Digest": "sha1:4d3174b80cc1b257fa96b098c95e27ffaff5b659" }, { "ID": "@npmcli/name-from-folder@4.0.0", "Name": "@npmcli/name-from-folder", "Identifier": { "PURL": "pkg:npm/%40npmcli/name-from-folder@4.0.0", "UID": "ecb0f5b45d4da78f", "BOMRef": "c9d372c6-dffd-4848-b432-e546ec06ecd4" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/name-from-folder/package.json", "Digest": "sha1:4d3174b80cc1b257fa96b098c95e27ffaff5b659" }, { "ID": "@npmcli/node-gyp@5.0.0", "Name": "@npmcli/node-gyp", "Identifier": { "PURL": "pkg:npm/%40npmcli/node-gyp@5.0.0", "UID": "7dfed5a441e82f85", "BOMRef": "604ea80e-b843-4551-8e4d-b947c24e5f88" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/node-gyp/package.json", "Digest": "sha1:c2549c9809a38abb866596530702d0de2c0cdc44" }, { "ID": "@npmcli/node-gyp@5.0.0", "Name": "@npmcli/node-gyp", "Identifier": { "PURL": "pkg:npm/%40npmcli/node-gyp@5.0.0", "UID": "eb979303ef16def9", "BOMRef": "c87b50d1-5e5c-444c-abd6-66c8a14b4469" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/node-gyp/package.json", "Digest": "sha1:c2549c9809a38abb866596530702d0de2c0cdc44" }, { "ID": "@npmcli/package-json@7.0.4", "Name": "@npmcli/package-json", "Identifier": { "PURL": "pkg:npm/%40npmcli/package-json@7.0.4", "UID": "1850c56bb6b70511", "BOMRef": "pkg:npm/%40npmcli/package-json@7.0.4" }, "Version": "7.0.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/package-json/package.json", "Digest": "sha1:765d7c3731b2abc0d33fd2c548968251527de7a4" }, { "ID": "@npmcli/package-json@7.0.5", "Name": "@npmcli/package-json", "Identifier": { "PURL": "pkg:npm/%40npmcli/package-json@7.0.5", "UID": "69fbbb2c0a99db05", "BOMRef": "pkg:npm/%40npmcli/package-json@7.0.5" }, "Version": "7.0.5", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/package-json/package.json", "Digest": "sha1:6f10f890a1dd14676d61faee4d379c06ec93502e" }, { "ID": "@npmcli/promise-spawn@9.0.1", "Name": "@npmcli/promise-spawn", "Identifier": { "PURL": "pkg:npm/%40npmcli/promise-spawn@9.0.1", "UID": "f4117463eecdefec", "BOMRef": "fd2593a4-0e57-4e2c-9247-2a3a1742b962" }, "Version": "9.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/promise-spawn/package.json", "Digest": "sha1:8cc9163ac59ee91de9240a11723d8701fa80317e" }, { "ID": "@npmcli/promise-spawn@9.0.1", "Name": "@npmcli/promise-spawn", "Identifier": { "PURL": "pkg:npm/%40npmcli/promise-spawn@9.0.1", "UID": "21bdce88267e", "BOMRef": "9807445d-7e1e-4a67-8020-fe5a35a84ad5" }, "Version": "9.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/promise-spawn/package.json", "Digest": "sha1:8cc9163ac59ee91de9240a11723d8701fa80317e" }, { "ID": "@npmcli/query@5.0.0", "Name": "@npmcli/query", "Identifier": { "PURL": "pkg:npm/%40npmcli/query@5.0.0", "UID": "82a91d358c74c0c1", "BOMRef": "fea754b0-f2cc-43d6-955a-b43de841a42d" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/query/package.json", "Digest": "sha1:f56866b082e0015fbbe60b12d303c71b778af0e1" }, { "ID": "@npmcli/query@5.0.0", "Name": "@npmcli/query", "Identifier": { "PURL": "pkg:npm/%40npmcli/query@5.0.0", "UID": "e139b83831b6b10a", "BOMRef": "bb2375fb-ab6c-4be8-aae0-8df55189d4c5" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/query/package.json", "Digest": "sha1:f56866b082e0015fbbe60b12d303c71b778af0e1" }, { "ID": "@npmcli/redact@4.0.0", "Name": "@npmcli/redact", "Identifier": { "PURL": "pkg:npm/%40npmcli/redact@4.0.0", "UID": "f25a6eeb9df270d9", "BOMRef": "0d3babb2-6b55-48ea-a45f-d0a277bb7e19" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/redact/package.json", "Digest": "sha1:e81d178ea5aac085222f1c853a9b42fb0cc96a46" }, { "ID": "@npmcli/redact@4.0.0", "Name": "@npmcli/redact", "Identifier": { "PURL": "pkg:npm/%40npmcli/redact@4.0.0", "UID": "5201656652a9997", "BOMRef": "33957b92-b916-4652-bf0a-2b6edb4ae10d" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/redact/package.json", "Digest": "sha1:e81d178ea5aac085222f1c853a9b42fb0cc96a46" }, { "ID": "@npmcli/run-script@10.0.3", "Name": "@npmcli/run-script", "Identifier": { "PURL": "pkg:npm/%40npmcli/run-script@10.0.3", "UID": "d2039b5801a5dd5a", "BOMRef": "8a435c9d-c642-40c4-aa75-5c8a90932415" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@npmcli/run-script/package.json", "Digest": "sha1:d9a49385f1a06449642c48bcb52f9600898eb65f" }, { "ID": "@npmcli/run-script@10.0.3", "Name": "@npmcli/run-script", "Identifier": { "PURL": "pkg:npm/%40npmcli/run-script@10.0.3", "UID": "1a455c775703213b", "BOMRef": "d507744f-d456-44e2-847a-3fa097624ac6" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@npmcli/run-script/package.json", "Digest": "sha1:d9a49385f1a06449642c48bcb52f9600898eb65f" }, { "ID": "@prisma/client@5.4.2", "Name": "@prisma/client", "Identifier": { "PURL": "pkg:npm/%40prisma/client@5.4.2", "UID": "160eeab7a13f9b60", "BOMRef": "pkg:npm/%40prisma/client@5.4.2" }, "Version": "5.4.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:34f4b20c1f804fa43c4b77168afdb0a125691ca4b9493989914d96886a4a9a7a", "DiffID": "sha256:87f972c78e205fa9c02f92e6f333aa19417f61a3040f235aef3ee451f41ad0d8" }, "FilePath": "root/.cache/prisma-python/binaries/5.4.2/ac9d7041ed77bcc8a8dbd2ab6616b39013829574/node_modules/prisma/prisma-client/package.json", "Digest": "sha1:067a3cf4b08bb66df88691a278bd21a778474e60" }, { "ID": "@prisma/engines@5.4.2", "Name": "@prisma/engines", "Identifier": { "PURL": "pkg:npm/%40prisma/engines@5.4.2", "UID": "622e75294fe6b274", "BOMRef": "pkg:npm/%40prisma/engines@5.4.2" }, "Version": "5.4.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:34f4b20c1f804fa43c4b77168afdb0a125691ca4b9493989914d96886a4a9a7a", "DiffID": "sha256:87f972c78e205fa9c02f92e6f333aa19417f61a3040f235aef3ee451f41ad0d8" }, "FilePath": "root/.cache/prisma-python/binaries/5.4.2/ac9d7041ed77bcc8a8dbd2ab6616b39013829574/node_modules/@prisma/engines/package.json", "Digest": "sha1:27f640d9b356e0726de8c28f78eb8ad1c8bf1dd9" }, { "ID": "@sigstore/bundle@4.0.0", "Name": "@sigstore/bundle", "Identifier": { "PURL": "pkg:npm/%40sigstore/bundle@4.0.0", "UID": "de531c9efb6e0500", "BOMRef": "dc1e7262-33f3-4ffc-8829-7f3ffa49379f" }, "Version": "4.0.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/bundle/package.json", "Digest": "sha1:1d6ca2f018ec884e6df5424d8d7fc6818d64c3b4" }, { "ID": "@sigstore/bundle@4.0.0", "Name": "@sigstore/bundle", "Identifier": { "PURL": "pkg:npm/%40sigstore/bundle@4.0.0", "UID": "4eef92507ab87582", "BOMRef": "d9de1a4e-273f-4206-84ff-1c305ee9a77b" }, "Version": "4.0.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/bundle/package.json", "Digest": "sha1:1d6ca2f018ec884e6df5424d8d7fc6818d64c3b4" }, { "ID": "@sigstore/core@3.1.0", "Name": "@sigstore/core", "Identifier": { "PURL": "pkg:npm/%40sigstore/core@3.1.0", "UID": "e1f1ac610a887ffc", "BOMRef": "2deac6a2-dd7d-4c98-a3c5-dd94308a9bfa" }, "Version": "3.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/core/package.json", "Digest": "sha1:1b171001ef4ffeaaab9d24334adcb37c669acb60" }, { "ID": "@sigstore/core@3.1.0", "Name": "@sigstore/core", "Identifier": { "PURL": "pkg:npm/%40sigstore/core@3.1.0", "UID": "8c12eebf9b8e23f8", "BOMRef": "673a4c2a-e032-4e77-9475-8cc82fc8e029" }, "Version": "3.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/core/package.json", "Digest": "sha1:1b171001ef4ffeaaab9d24334adcb37c669acb60" }, { "ID": "@sigstore/protobuf-specs@0.5.0", "Name": "@sigstore/protobuf-specs", "Identifier": { "PURL": "pkg:npm/%40sigstore/protobuf-specs@0.5.0", "UID": "68994a4c5ab31e6a", "BOMRef": "b1a65b6a-734d-4916-8220-149156b80b54" }, "Version": "0.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/protobuf-specs/package.json", "Digest": "sha1:883da1dcb03a5b8e4ba41bd5e8db239c9c17392b" }, { "ID": "@sigstore/protobuf-specs@0.5.0", "Name": "@sigstore/protobuf-specs", "Identifier": { "PURL": "pkg:npm/%40sigstore/protobuf-specs@0.5.0", "UID": "3eca7bf2e4d40572", "BOMRef": "b69ca350-f913-4ba0-9e4e-5db955f95538" }, "Version": "0.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/protobuf-specs/package.json", "Digest": "sha1:883da1dcb03a5b8e4ba41bd5e8db239c9c17392b" }, { "ID": "@sigstore/sign@4.1.0", "Name": "@sigstore/sign", "Identifier": { "PURL": "pkg:npm/%40sigstore/sign@4.1.0", "UID": "67d46ce050699be8", "BOMRef": "f57faaba-1eb0-4d38-94b3-1f3d2320940f" }, "Version": "4.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/sign/package.json", "Digest": "sha1:191dce764e0717fa6f8ae2e214e69421c6fd5797" }, { "ID": "@sigstore/sign@4.1.0", "Name": "@sigstore/sign", "Identifier": { "PURL": "pkg:npm/%40sigstore/sign@4.1.0", "UID": "94b6014ecc10f674", "BOMRef": "d0f82047-b011-4337-bdfc-9cd0681b183c" }, "Version": "4.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/sign/package.json", "Digest": "sha1:191dce764e0717fa6f8ae2e214e69421c6fd5797" }, { "ID": "@sigstore/tuf@4.0.1", "Name": "@sigstore/tuf", "Identifier": { "PURL": "pkg:npm/%40sigstore/tuf@4.0.1", "UID": "4ca00f77da81bdac", "BOMRef": "c9e17673-e151-4cfb-9f00-979bae9996b6" }, "Version": "4.0.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/tuf/package.json", "Digest": "sha1:6e166263107e702af9d17595f800a6e6498a7726" }, { "ID": "@sigstore/tuf@4.0.1", "Name": "@sigstore/tuf", "Identifier": { "PURL": "pkg:npm/%40sigstore/tuf@4.0.1", "UID": "1d145a0e571d9909", "BOMRef": "cdb746e0-08db-465f-a504-610f63eb8ef7" }, "Version": "4.0.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/tuf/package.json", "Digest": "sha1:6e166263107e702af9d17595f800a6e6498a7726" }, { "ID": "@sigstore/verify@3.1.0", "Name": "@sigstore/verify", "Identifier": { "PURL": "pkg:npm/%40sigstore/verify@3.1.0", "UID": "5513698ebebf6ffd", "BOMRef": "5852061c-fbc4-436e-9e49-bcbcdb10ab43" }, "Version": "3.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@sigstore/verify/package.json", "Digest": "sha1:4523305db384269754d0fab04bacf31ca05ad1be" }, { "ID": "@sigstore/verify@3.1.0", "Name": "@sigstore/verify", "Identifier": { "PURL": "pkg:npm/%40sigstore/verify@3.1.0", "UID": "2384bba628a400c7", "BOMRef": "cab014f2-07ff-4e68-9632-873c90ca775c" }, "Version": "3.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@sigstore/verify/package.json", "Digest": "sha1:4523305db384269754d0fab04bacf31ca05ad1be" }, { "ID": "@tufjs/canonical-json@2.0.0", "Name": "@tufjs/canonical-json", "Identifier": { "PURL": "pkg:npm/%40tufjs/canonical-json@2.0.0", "UID": "61d108f31b573859", "BOMRef": "83c6ad41-d920-489f-8405-d58e6b5db0b4" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@tufjs/canonical-json/package.json", "Digest": "sha1:5af11d14b15be3f1dc8a1195100ea60de40325c9" }, { "ID": "@tufjs/canonical-json@2.0.0", "Name": "@tufjs/canonical-json", "Identifier": { "PURL": "pkg:npm/%40tufjs/canonical-json@2.0.0", "UID": "1f558b43de7fbbe5", "BOMRef": "e28fbf21-3429-47d8-895a-704064e659ba" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@tufjs/canonical-json/package.json", "Digest": "sha1:5af11d14b15be3f1dc8a1195100ea60de40325c9" }, { "ID": "@tufjs/models@4.1.0", "Name": "@tufjs/models", "Identifier": { "PURL": "pkg:npm/%40tufjs/models@4.1.0", "UID": "fed23059fd6a9ad4", "BOMRef": "dcae614c-75e8-403d-bd24-66940a461b40" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/@tufjs/models/package.json", "Digest": "sha1:2ac6b88622c667e4c6582d32bbb21276b6781c61" }, { "ID": "@tufjs/models@4.1.0", "Name": "@tufjs/models", "Identifier": { "PURL": "pkg:npm/%40tufjs/models@4.1.0", "UID": "ff29865956881b87", "BOMRef": "963681a4-d7d3-4621-b831-597b1dfcb632" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@tufjs/models/package.json", "Digest": "sha1:2ac6b88622c667e4c6582d32bbb21276b6781c61" }, { "ID": "abbrev@4.0.0", "Name": "abbrev", "Identifier": { "PURL": "pkg:npm/abbrev@4.0.0", "UID": "3e02d2259e61dfbe", "BOMRef": "a3cea63a-0cbc-45d2-beab-7dace4539415" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/abbrev/package.json", "Digest": "sha1:6869bc2da89cbb7aba0c148aefa7e8fc43456128" }, { "ID": "abbrev@4.0.0", "Name": "abbrev", "Identifier": { "PURL": "pkg:npm/abbrev@4.0.0", "UID": "3303ec3474ad6928", "BOMRef": "77adb8fa-ff41-40b1-9275-235c63fb0034" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/abbrev/package.json", "Digest": "sha1:6869bc2da89cbb7aba0c148aefa7e8fc43456128" }, { "ID": "agent-base@7.1.4", "Name": "agent-base", "Identifier": { "PURL": "pkg:npm/agent-base@7.1.4", "UID": "7bbc51dee9fbd24e", "BOMRef": "69ee000e-bd63-4282-b10a-811190e78135" }, "Version": "7.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/agent-base/package.json", "Digest": "sha1:126adbedcff6faa6826eca63c75e9193237ab10b" }, { "ID": "agent-base@7.1.4", "Name": "agent-base", "Identifier": { "PURL": "pkg:npm/agent-base@7.1.4", "UID": "e664a8e1ad3f1bc1", "BOMRef": "4729a6f7-51ac-4d2e-a630-4c5085888cff" }, "Version": "7.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/agent-base/package.json", "Digest": "sha1:126adbedcff6faa6826eca63c75e9193237ab10b" }, { "ID": "ansi-regex@5.0.1", "Name": "ansi-regex", "Identifier": { "PURL": "pkg:npm/ansi-regex@5.0.1", "UID": "18aae0e91d53049c", "BOMRef": "pkg:npm/ansi-regex@5.0.1" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ansi-regex/package.json", "Digest": "sha1:f1b78e043012e1ab5689d57377093e88f1400677" }, { "ID": "aproba@2.1.0", "Name": "aproba", "Identifier": { "PURL": "pkg:npm/aproba@2.1.0", "UID": "501cdc270f2bd109", "BOMRef": "fba7c223-c3ba-48c5-98a2-e720b27f1179" }, "Version": "2.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/aproba/package.json", "Digest": "sha1:1cc57d456b29f580ef93bb2fee5566d3e3285009" }, { "ID": "aproba@2.1.0", "Name": "aproba", "Identifier": { "PURL": "pkg:npm/aproba@2.1.0", "UID": "385b02270c0c0593", "BOMRef": "c97a3879-41d3-4e3c-b6a2-46e59048bca7" }, "Version": "2.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/aproba/package.json", "Digest": "sha1:1cc57d456b29f580ef93bb2fee5566d3e3285009" }, { "ID": "archy@1.0.0", "Name": "archy", "Identifier": { "PURL": "pkg:npm/archy@1.0.0", "UID": "ddb9dbccb6ecbba4", "BOMRef": "ee303367-a0c2-495e-bb70-434f09277670" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/archy/package.json", "Digest": "sha1:3bd81e8f9d8e79057497b7473c6eac4f3d519149" }, { "ID": "archy@1.0.0", "Name": "archy", "Identifier": { "PURL": "pkg:npm/archy@1.0.0", "UID": "64bd2af2ec220f7c", "BOMRef": "bc3aff9a-ede9-44a3-8149-568209939682" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/archy/package.json", "Digest": "sha1:3bd81e8f9d8e79057497b7473c6eac4f3d519149" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "3b741f6c8ede1b87", "BOMRef": "44120cd7-e0db-499f-bcc3-263517975d05" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/minimatch/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "b3095826f8514ed1", "BOMRef": "2405cd57-c825-4be4-807c-f00b34fb6761" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "a87eff1d7bb6652e", "BOMRef": "3b7fc5e7-15ee-496a-81a1-e7b91b2b5351" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/minimatch/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "de16ef393adfac55", "BOMRef": "0037c3bf-5a7b-4c9c-a201-aec23084de4c" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "balanced-match@4.0.4", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@4.0.4", "UID": "7b09382eff87ddb", "BOMRef": "e422e2e6-bf49-4a7d-ae4b-bad8bf399e03" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minimatch/node_modules/balanced-match/package.json", "Digest": "sha1:a878f68f14569d5eeca00fc49803d192f24163cb" }, { "ID": "bin-links@6.0.0", "Name": "bin-links", "Identifier": { "PURL": "pkg:npm/bin-links@6.0.0", "UID": "c9c8fb70c8b6e53f", "BOMRef": "f99c81b2-41cc-44a0-8f1c-757783216b1b" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/bin-links/package.json", "Digest": "sha1:93d3777b34117955d6d5e16ab5342b65b8a21d46" }, { "ID": "bin-links@6.0.0", "Name": "bin-links", "Identifier": { "PURL": "pkg:npm/bin-links@6.0.0", "UID": "7c3613224e152018", "BOMRef": "15465994-1339-473c-8455-fa63e363dd5c" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/bin-links/package.json", "Digest": "sha1:93d3777b34117955d6d5e16ab5342b65b8a21d46" }, { "ID": "binary-extensions@3.1.0", "Name": "binary-extensions", "Identifier": { "PURL": "pkg:npm/binary-extensions@3.1.0", "UID": "bc639acef3cdc180", "BOMRef": "44662d4b-a9cb-4a8a-8e8e-56f64e4d3981" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/binary-extensions/package.json", "Digest": "sha1:fd41784d905c4769ecd7a2045234bf3336b20240" }, { "ID": "binary-extensions@3.1.0", "Name": "binary-extensions", "Identifier": { "PURL": "pkg:npm/binary-extensions@3.1.0", "UID": "c41063e595ec580e", "BOMRef": "84970b8b-9d78-4035-925b-4082678f0cd8" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/binary-extensions/package.json", "Digest": "sha1:fd41784d905c4769ecd7a2045234bf3336b20240" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "8d010b68b10821ff", "BOMRef": "889a6a78-26b1-43b1-b1c4-061b7c2bbbe9" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "8f97d6c64db34f94", "BOMRef": "18a69e30-41b2-4314-8503-810271bc2154" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "d50df2b5ea56b90a", "BOMRef": "fe999b78-d036-4c0d-9f6c-74ab0d3b476f" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/minimatch/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "35206c15b2ba421b", "BOMRef": "8ad76ae5-4cd4-4157-b8a0-02ae61c45e4f" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "brace-expansion@5.0.3", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "b27799da299514df", "BOMRef": "bd2aca29-90ef-4482-b849-2d2daac8e6de" }, "Version": "5.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "Digest": "sha1:afc678eba0408ee65ece9143c1a50eea31b7740a" }, { "ID": "cacache@20.0.3", "Name": "cacache", "Identifier": { "PURL": "pkg:npm/cacache@20.0.3", "UID": "6dff3457c5efcc3f", "BOMRef": "4df73a0f-786e-494d-9104-df43efe3dfe6" }, "Version": "20.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cacache/package.json", "Digest": "sha1:794ddf6857b8e0a3ab5e8b853a874fedd196d468" }, { "ID": "cacache@20.0.3", "Name": "cacache", "Identifier": { "PURL": "pkg:npm/cacache@20.0.3", "UID": "589406f75ca5e8cd", "BOMRef": "7f42e128-d549-476b-b195-dc3a1e8a25ed" }, "Version": "20.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/cacache/package.json", "Digest": "sha1:794ddf6857b8e0a3ab5e8b853a874fedd196d468" }, { "ID": "chalk@5.6.2", "Name": "chalk", "Identifier": { "PURL": "pkg:npm/chalk@5.6.2", "UID": "ab3a5006e30a47f5", "BOMRef": "96d347fc-d4ea-4f66-b142-e09288da96c6" }, "Version": "5.6.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/chalk/package.json", "Digest": "sha1:468d2997b68c367664e82a1d1b8bc344c65a52f6" }, { "ID": "chalk@5.6.2", "Name": "chalk", "Identifier": { "PURL": "pkg:npm/chalk@5.6.2", "UID": "28104f6be69fefae", "BOMRef": "3c0a0b8d-f17b-4bb3-9c09-30647e584957" }, "Version": "5.6.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/chalk/package.json", "Digest": "sha1:468d2997b68c367664e82a1d1b8bc344c65a52f6" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "97a4f4b4efa0f193", "BOMRef": "a1a5bdea-1a48-4d74-b320-997930ad7f6d" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "538b446c666b7198", "BOMRef": "66b711c3-2d83-4510-9115-4b6105c760be" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "8c425c060c6e4147", "BOMRef": "6750e3cf-2706-462f-bf35-e952c3f32cb3" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "a8753369ada86be4", "BOMRef": "bb8cf094-f0b2-4003-b856-874b753cf59a" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "47c0080006a700ce", "BOMRef": "f0e9a2f8-ed77-4c36-b88a-7d32e2c5eef9" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "chownr@3.0.0", "Name": "chownr", "Identifier": { "PURL": "pkg:npm/chownr@3.0.0", "UID": "2e880a9a315c240c", "BOMRef": "4893d127-8317-4c66-8fc7-a3c069b9ff9e" }, "Version": "3.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/chownr/package.json", "Digest": "sha1:fc7d452c2e7e9b57f311b04f8b5826656ccc8e1b" }, { "ID": "ci-info@4.3.1", "Name": "ci-info", "Identifier": { "PURL": "pkg:npm/ci-info@4.3.1", "UID": "2c3ce2401737cda", "BOMRef": "pkg:npm/ci-info@4.3.1" }, "Version": "4.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ci-info/package.json", "Digest": "sha1:6b3b12a5534f6e76cb13a851250efc1bb7e5ff21" }, { "ID": "ci-info@4.4.0", "Name": "ci-info", "Identifier": { "PURL": "pkg:npm/ci-info@4.4.0", "UID": "e8faea8cfcc4df9b", "BOMRef": "pkg:npm/ci-info@4.4.0" }, "Version": "4.4.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ci-info/package.json", "Digest": "sha1:e2623b66b993dca3177e444bd44a85376724c11d" }, { "ID": "cidr-regex@5.0.1", "Name": "cidr-regex", "Identifier": { "PURL": "pkg:npm/cidr-regex@5.0.1", "UID": "2dac1473141bd454", "BOMRef": "pkg:npm/cidr-regex@5.0.1" }, "Version": "5.0.1", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cidr-regex/package.json", "Digest": "sha1:472161dcb9eaebd9f280a0b36172ba21f93a9b86" }, { "ID": "cidr-regex@5.0.3", "Name": "cidr-regex", "Identifier": { "PURL": "pkg:npm/cidr-regex@5.0.3", "UID": "2bdb81474cb035fe", "BOMRef": "pkg:npm/cidr-regex@5.0.3" }, "Version": "5.0.3", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/cidr-regex/package.json", "Digest": "sha1:e6f201f195a92eda4aa01dca4b73641ac79e1d89" }, { "ID": "cli-columns@4.0.0", "Name": "cli-columns", "Identifier": { "PURL": "pkg:npm/cli-columns@4.0.0", "UID": "21350c16a2f6b8a9", "BOMRef": "pkg:npm/cli-columns@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cli-columns/package.json", "Digest": "sha1:06c7ce3d82ba512eafa34bab2566bcce77d4beb9" }, { "ID": "cmd-shim@8.0.0", "Name": "cmd-shim", "Identifier": { "PURL": "pkg:npm/cmd-shim@8.0.0", "UID": "1c9d92be969b5bff", "BOMRef": "87ea9e8a-e56e-49ed-8abf-a1d6ed382672" }, "Version": "8.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cmd-shim/package.json", "Digest": "sha1:bd1a460fd1e14f3dd73e03a0b21fc6e8bb60bfff" }, { "ID": "cmd-shim@8.0.0", "Name": "cmd-shim", "Identifier": { "PURL": "pkg:npm/cmd-shim@8.0.0", "UID": "77e4e06a077df26e", "BOMRef": "e71276ef-12c1-40fd-95a7-57e8f0b3c158" }, "Version": "8.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/cmd-shim/package.json", "Digest": "sha1:bd1a460fd1e14f3dd73e03a0b21fc6e8bb60bfff" }, { "ID": "common-ancestor-path@2.0.0", "Name": "common-ancestor-path", "Identifier": { "PURL": "pkg:npm/common-ancestor-path@2.0.0", "UID": "a3065cddb909e259", "BOMRef": "008bfafb-ee52-4317-8344-525239931385" }, "Version": "2.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/common-ancestor-path/package.json", "Digest": "sha1:8036c99c2d18b8840dc4aa274be9fbe844e9e16f" }, { "ID": "common-ancestor-path@2.0.0", "Name": "common-ancestor-path", "Identifier": { "PURL": "pkg:npm/common-ancestor-path@2.0.0", "UID": "1999f9d60e80ad6d", "BOMRef": "f4365369-c4d4-47ce-ad5c-489341f7c1b9" }, "Version": "2.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/common-ancestor-path/package.json", "Digest": "sha1:8036c99c2d18b8840dc4aa274be9fbe844e9e16f" }, { "ID": "corepack@0.34.6", "Name": "corepack", "Identifier": { "PURL": "pkg:npm/corepack@0.34.6", "UID": "a9d19e958edc4257", "BOMRef": "pkg:npm/corepack@0.34.6" }, "Version": "0.34.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/corepack/package.json", "Digest": "sha1:5c7c6859a36c05736c52ecdc731bfa3499ff31fb" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "dd4856b9e62746d7", "BOMRef": "e7540bd5-d106-4c72-b046-ad4967604d65" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/cross-spawn/package.json", "Digest": "sha1:9becaa8ecb51ad9b303dd62369423cb9f287163a" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "e0f26ff775d98014", "BOMRef": "9526a590-55f5-4659-b49c-208af9f05e64" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/cross-spawn/package.json", "Digest": "sha1:9becaa8ecb51ad9b303dd62369423cb9f287163a" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "f73d28635cdb390f", "BOMRef": "1ef32612-fb79-44b2-9bfc-6063125dc616" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/cross-spawn/package.json", "Digest": "sha1:9becaa8ecb51ad9b303dd62369423cb9f287163a" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "43f083c6f1fd5dc7", "BOMRef": "08a82ac9-4c5b-4ccf-94c4-fdcda3d9c114" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/cross-spawn/package.json", "Digest": "sha1:9becaa8ecb51ad9b303dd62369423cb9f287163a" }, { "ID": "cssesc@3.0.0", "Name": "cssesc", "Identifier": { "PURL": "pkg:npm/cssesc@3.0.0", "UID": "4ad2881f8d6c2ca5", "BOMRef": "f52b3c19-a69e-40ee-88b9-af67c8bc6d56" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/cssesc/package.json", "Digest": "sha1:3a37cece4f715e91ef0aed027baea0039bb20087" }, { "ID": "cssesc@3.0.0", "Name": "cssesc", "Identifier": { "PURL": "pkg:npm/cssesc@3.0.0", "UID": "300e5971e65e4e96", "BOMRef": "e6fcfafb-8181-49a5-8192-ee0595132f8a" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/cssesc/package.json", "Digest": "sha1:3a37cece4f715e91ef0aed027baea0039bb20087" }, { "ID": "debug@4.4.3", "Name": "debug", "Identifier": { "PURL": "pkg:npm/debug@4.4.3", "UID": "84ef3a3ed8422b69", "BOMRef": "c4358d07-5019-4385-9526-b41b10c77590" }, "Version": "4.4.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/debug/package.json", "Digest": "sha1:f1c3de400f61581ce6d6d43f9ec4c456cb8017f7" }, { "ID": "debug@4.4.3", "Name": "debug", "Identifier": { "PURL": "pkg:npm/debug@4.4.3", "UID": "312d446879910eab", "BOMRef": "a8c34f5c-4d08-4eee-adda-4d7d7d601da7" }, "Version": "4.4.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/debug/package.json", "Digest": "sha1:f1c3de400f61581ce6d6d43f9ec4c456cb8017f7" }, { "ID": "diff@8.0.3", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@8.0.3", "UID": "5abd19b29ac1d612", "BOMRef": "7f746dd7-72b5-4df3-bcab-cf8551fbf1ba" }, "Version": "8.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/diff/package.json", "Digest": "sha1:ee7acad3ce516cc674e0a88afbb6964bb88e355d" }, { "ID": "diff@8.0.3", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@8.0.3", "UID": "5009032563449c11", "BOMRef": "8e13caee-f428-4925-b22a-348975e53307" }, "Version": "8.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/diff/package.json", "Digest": "sha1:ee7acad3ce516cc674e0a88afbb6964bb88e355d" }, { "ID": "diff@8.0.3", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@8.0.3", "UID": "929254ba76d65668", "BOMRef": "3962ab54-6bc6-4854-bdb5-bc40e6c478b4" }, "Version": "8.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/diff/package.json", "Digest": "sha1:ee7acad3ce516cc674e0a88afbb6964bb88e355d" }, { "ID": "diff@8.0.3", "Name": "diff", "Identifier": { "PURL": "pkg:npm/diff@8.0.3", "UID": "dbfa590d6997e32b", "BOMRef": "627e0830-9527-42e6-af46-a190452f79d5" }, "Version": "8.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/diff/package.json", "Digest": "sha1:ee7acad3ce516cc674e0a88afbb6964bb88e355d" }, { "ID": "emoji-regex@8.0.0", "Name": "emoji-regex", "Identifier": { "PURL": "pkg:npm/emoji-regex@8.0.0", "UID": "b7e8641daeb6605a", "BOMRef": "pkg:npm/emoji-regex@8.0.0" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/emoji-regex/package.json", "Digest": "sha1:c26fe90da5886724a2676b8e3d5890beeacaad20" }, { "ID": "encoding@0.1.13", "Name": "encoding", "Identifier": { "PURL": "pkg:npm/encoding@0.1.13", "UID": "941015d99bae5ec0", "BOMRef": "pkg:npm/encoding@0.1.13" }, "Version": "0.1.13", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/encoding/package.json", "Digest": "sha1:52b117f2bc3113970224b9dc97b7fc18f7df30ab" }, { "ID": "env-paths@2.2.1", "Name": "env-paths", "Identifier": { "PURL": "pkg:npm/env-paths@2.2.1", "UID": "9fa819fe1bb93ea5", "BOMRef": "9eafd029-aecb-474a-97dd-cd049f588e81" }, "Version": "2.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/env-paths/package.json", "Digest": "sha1:b5b570f41c1d3e8f251fd06d075cefea4a3449a9" }, { "ID": "env-paths@2.2.1", "Name": "env-paths", "Identifier": { "PURL": "pkg:npm/env-paths@2.2.1", "UID": "c0749905a93598d2", "BOMRef": "7b98de45-0ed1-462e-bb52-403bc0004737" }, "Version": "2.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/env-paths/package.json", "Digest": "sha1:b5b570f41c1d3e8f251fd06d075cefea4a3449a9" }, { "ID": "err-code@2.0.3", "Name": "err-code", "Identifier": { "PURL": "pkg:npm/err-code@2.0.3", "UID": "dc4907b6bac3c710", "BOMRef": "c633395e-9044-4b4f-88c5-1c49ffeedbd2" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/err-code/package.json", "Digest": "sha1:5c7bc63340bc312d1563bb2b369e333e1165ab04" }, { "ID": "err-code@2.0.3", "Name": "err-code", "Identifier": { "PURL": "pkg:npm/err-code@2.0.3", "UID": "8530498fa900e963", "BOMRef": "cfe394d3-6d5a-400c-b0ed-b341d8938fde" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/err-code/package.json", "Digest": "sha1:5c7bc63340bc312d1563bb2b369e333e1165ab04" }, { "ID": "exponential-backoff@3.1.3", "Name": "exponential-backoff", "Identifier": { "PURL": "pkg:npm/exponential-backoff@3.1.3", "UID": "48f1dd02acae357d", "BOMRef": "2ce5f642-1476-4fc8-88f8-71925d2a0ec2" }, "Version": "3.1.3", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/exponential-backoff/package.json", "Digest": "sha1:ad6dedac96b4754817f15c7f62c6b1d72fa249fe" }, { "ID": "exponential-backoff@3.1.3", "Name": "exponential-backoff", "Identifier": { "PURL": "pkg:npm/exponential-backoff@3.1.3", "UID": "1a1827f9c454ce43", "BOMRef": "cbd8160a-130d-455b-836e-88000389fc4a" }, "Version": "3.1.3", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/exponential-backoff/package.json", "Digest": "sha1:ad6dedac96b4754817f15c7f62c6b1d72fa249fe" }, { "ID": "fastest-levenshtein@1.0.16", "Name": "fastest-levenshtein", "Identifier": { "PURL": "pkg:npm/fastest-levenshtein@1.0.16", "UID": "c9d1c35786970b6d", "BOMRef": "8e14c904-52dc-467b-8be2-e32aad31f98e" }, "Version": "1.0.16", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/fastest-levenshtein/package.json", "Digest": "sha1:3aca1160ba8ff112a40cdfd2c860a5d6cd689391" }, { "ID": "fastest-levenshtein@1.0.16", "Name": "fastest-levenshtein", "Identifier": { "PURL": "pkg:npm/fastest-levenshtein@1.0.16", "UID": "a3269476603e4ea6", "BOMRef": "cafd15f5-3215-48aa-9daf-ede29e15a349" }, "Version": "1.0.16", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/fastest-levenshtein/package.json", "Digest": "sha1:3aca1160ba8ff112a40cdfd2c860a5d6cd689391" }, { "ID": "fdir@6.5.0", "Name": "fdir", "Identifier": { "PURL": "pkg:npm/fdir@6.5.0", "UID": "4a8beb002eaf35b0", "BOMRef": "cbcd91dd-ce45-4d93-af02-d598042a2423" }, "Version": "6.5.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/node_modules/fdir/package.json", "Digest": "sha1:87c30edff77dd2a0847ac92b0a76837682d64eb2" }, { "ID": "fdir@6.5.0", "Name": "fdir", "Identifier": { "PURL": "pkg:npm/fdir@6.5.0", "UID": "91dfb70bafe9d51a", "BOMRef": "8843099a-e432-479d-bd01-37bd9feb196a" }, "Version": "6.5.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/node_modules/fdir/package.json", "Digest": "sha1:87c30edff77dd2a0847ac92b0a76837682d64eb2" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "5aac0f866f6f6dbe", "BOMRef": "a3dd84f2-236f-4bc6-a07f-f933b8bbbfc1" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/foreground-child/package.json", "Digest": "sha1:ca2af14071df0e6084e5797f9fbcf179d51f9e5d" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "f4591b1eaea5c2b4", "BOMRef": "b7f87c29-d100-4ead-a46f-414209301d99" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/foreground-child/package.json", "Digest": "sha1:ca2af14071df0e6084e5797f9fbcf179d51f9e5d" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "3afa8cc3cb10a055", "BOMRef": "5d52c331-7835-47ba-aec0-122e5f463773" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/foreground-child/package.json", "Digest": "sha1:ca2af14071df0e6084e5797f9fbcf179d51f9e5d" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "7ab94410764f4b77", "BOMRef": "a598c54c-fe37-4447-b1bc-ae8cefd243bf" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/foreground-child/package.json", "Digest": "sha1:ca2af14071df0e6084e5797f9fbcf179d51f9e5d" }, { "ID": "fs-minipass@3.0.3", "Name": "fs-minipass", "Identifier": { "PURL": "pkg:npm/fs-minipass@3.0.3", "UID": "603fd932d3b7d565", "BOMRef": "611a44af-7847-47e4-88b8-11f1992a1f60" }, "Version": "3.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/fs-minipass/package.json", "Digest": "sha1:2e472ead48322dd560133d10f39db20ee5e3fae1" }, { "ID": "fs-minipass@3.0.3", "Name": "fs-minipass", "Identifier": { "PURL": "pkg:npm/fs-minipass@3.0.3", "UID": "8dc0015c6e2fcc16", "BOMRef": "8e8605c8-770e-4deb-805a-02809a8ccf1d" }, "Version": "3.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/fs-minipass/package.json", "Digest": "sha1:2e472ead48322dd560133d10f39db20ee5e3fae1" }, { "ID": "glob@11.1.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@11.1.0", "UID": "e1257797fa4a0a58", "BOMRef": "987bdc56-74dc-451f-8838-6007c068d982" }, "Version": "11.1.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/package.json", "Digest": "sha1:9ce880ebacb6a4fc8ce706b0c4e165a74a4810a6" }, { "ID": "glob@11.1.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@11.1.0", "UID": "3b23cb8effe12a96", "BOMRef": "9ae790dc-61ac-4c16-a2fb-415872babcba" }, "Version": "11.1.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/package.json", "Digest": "sha1:9ce880ebacb6a4fc8ce706b0c4e165a74a4810a6" }, { "ID": "glob@11.1.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@11.1.0", "UID": "eff2a22a533e8c55", "BOMRef": "6d6fbd64-8cf2-458b-89b6-73e79d664ba8" }, "Version": "11.1.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/package.json", "Digest": "sha1:9ce880ebacb6a4fc8ce706b0c4e165a74a4810a6" }, { "ID": "glob@11.1.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@11.1.0", "UID": "7da0fdc2f3fed328", "BOMRef": "f6623beb-a41c-4009-93c6-df10175bc43a" }, "Version": "11.1.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/package.json", "Digest": "sha1:9ce880ebacb6a4fc8ce706b0c4e165a74a4810a6" }, { "ID": "graceful-fs@4.2.11", "Name": "graceful-fs", "Identifier": { "PURL": "pkg:npm/graceful-fs@4.2.11", "UID": "f94c58909b88992a", "BOMRef": "e29d862e-95d8-4eaf-bed4-63461dbe7457" }, "Version": "4.2.11", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/graceful-fs/package.json", "Digest": "sha1:21a733b3f7e2ee153041de90fb03d5596934f346" }, { "ID": "graceful-fs@4.2.11", "Name": "graceful-fs", "Identifier": { "PURL": "pkg:npm/graceful-fs@4.2.11", "UID": "acb8307fa4996623", "BOMRef": "df75b660-776a-4b3b-8a67-d797a55762a2" }, "Version": "4.2.11", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/graceful-fs/package.json", "Digest": "sha1:21a733b3f7e2ee153041de90fb03d5596934f346" }, { "ID": "hosted-git-info@9.0.2", "Name": "hosted-git-info", "Identifier": { "PURL": "pkg:npm/hosted-git-info@9.0.2", "UID": "9a9ba927e0794926", "BOMRef": "970bc260-b16d-4b7f-bff7-684c6b301278" }, "Version": "9.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/hosted-git-info/package.json", "Digest": "sha1:bd2953244687bfff7fdc74a3798a66119f64428e" }, { "ID": "hosted-git-info@9.0.2", "Name": "hosted-git-info", "Identifier": { "PURL": "pkg:npm/hosted-git-info@9.0.2", "UID": "479860a32993e3d6", "BOMRef": "eec8037b-9a4b-45fc-bdef-081d19810b0f" }, "Version": "9.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/hosted-git-info/package.json", "Digest": "sha1:bd2953244687bfff7fdc74a3798a66119f64428e" }, { "ID": "http-cache-semantics@4.2.0", "Name": "http-cache-semantics", "Identifier": { "PURL": "pkg:npm/http-cache-semantics@4.2.0", "UID": "ba896728135a3bbc", "BOMRef": "4dd7e573-8eb0-4e80-b1d5-0ecd0be039ac" }, "Version": "4.2.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/http-cache-semantics/package.json", "Digest": "sha1:563b0d8af1a9641083e8f6cefbf4259fa845e7ca" }, { "ID": "http-cache-semantics@4.2.0", "Name": "http-cache-semantics", "Identifier": { "PURL": "pkg:npm/http-cache-semantics@4.2.0", "UID": "6199fa0184f32415", "BOMRef": "4030dce0-46f9-402f-a787-b638c0be8721" }, "Version": "4.2.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/http-cache-semantics/package.json", "Digest": "sha1:563b0d8af1a9641083e8f6cefbf4259fa845e7ca" }, { "ID": "http-proxy-agent@7.0.2", "Name": "http-proxy-agent", "Identifier": { "PURL": "pkg:npm/http-proxy-agent@7.0.2", "UID": "854e9de8e16055c5", "BOMRef": "f0d02640-3644-4289-b1db-5877495ff341" }, "Version": "7.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/http-proxy-agent/package.json", "Digest": "sha1:f8b2b2bf2f3e2f8491496f9efe80b96442a803a9" }, { "ID": "http-proxy-agent@7.0.2", "Name": "http-proxy-agent", "Identifier": { "PURL": "pkg:npm/http-proxy-agent@7.0.2", "UID": "fe9cc6f364274ea2", "BOMRef": "1dfcd753-de62-49e6-8da3-a4702f2aa225" }, "Version": "7.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/http-proxy-agent/package.json", "Digest": "sha1:f8b2b2bf2f3e2f8491496f9efe80b96442a803a9" }, { "ID": "https-proxy-agent@7.0.6", "Name": "https-proxy-agent", "Identifier": { "PURL": "pkg:npm/https-proxy-agent@7.0.6", "UID": "da9284fc372e81b9", "BOMRef": "191cc512-d9dc-4ebb-963a-a39e6d5e1b3f" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/https-proxy-agent/package.json", "Digest": "sha1:17ea193ab8be5c579a2d10e9a13bff389858f7e8" }, { "ID": "https-proxy-agent@7.0.6", "Name": "https-proxy-agent", "Identifier": { "PURL": "pkg:npm/https-proxy-agent@7.0.6", "UID": "ef7b0dc1406b0f9f", "BOMRef": "b00fb3b5-9c34-4654-a2aa-62f4ae1ad9dc" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/https-proxy-agent/package.json", "Digest": "sha1:17ea193ab8be5c579a2d10e9a13bff389858f7e8" }, { "ID": "iconv-lite@0.6.3", "Name": "iconv-lite", "Identifier": { "PURL": "pkg:npm/iconv-lite@0.6.3", "UID": "73b651e1ef7485dd", "BOMRef": "pkg:npm/iconv-lite@0.6.3" }, "Version": "0.6.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/iconv-lite/package.json", "Digest": "sha1:a3d90badf75db503f5dd3ff3fb76d120d1424978" }, { "ID": "iconv-lite@0.7.2", "Name": "iconv-lite", "Identifier": { "PURL": "pkg:npm/iconv-lite@0.7.2", "UID": "ee3efc688ec56aed", "BOMRef": "pkg:npm/iconv-lite@0.7.2" }, "Version": "0.7.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/iconv-lite/package.json", "Digest": "sha1:680ec19cf66d40d6c095009f9ee97807151dccd6" }, { "ID": "ignore-walk@8.0.0", "Name": "ignore-walk", "Identifier": { "PURL": "pkg:npm/ignore-walk@8.0.0", "UID": "910da55412805c8f", "BOMRef": "0eadf0c6-5c9e-4af5-98a1-09a022bc6888" }, "Version": "8.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ignore-walk/package.json", "Digest": "sha1:48b090250976a784406de6d243cb8221ac357a08" }, { "ID": "ignore-walk@8.0.0", "Name": "ignore-walk", "Identifier": { "PURL": "pkg:npm/ignore-walk@8.0.0", "UID": "c69cbe837d8860b3", "BOMRef": "c924fe94-e932-47be-bf38-e4acaa73f0d4" }, "Version": "8.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ignore-walk/package.json", "Digest": "sha1:48b090250976a784406de6d243cb8221ac357a08" }, { "ID": "imurmurhash@0.1.4", "Name": "imurmurhash", "Identifier": { "PURL": "pkg:npm/imurmurhash@0.1.4", "UID": "81821f47c90d59a7", "BOMRef": "a97c6996-adb0-40d6-8d90-e031ba614829" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/imurmurhash/package.json", "Digest": "sha1:a28f2b413385af4188c4fc0ad1e0c38c2cd03cf4" }, { "ID": "imurmurhash@0.1.4", "Name": "imurmurhash", "Identifier": { "PURL": "pkg:npm/imurmurhash@0.1.4", "UID": "33019792deec63e", "BOMRef": "6740b926-2cc5-4668-93c7-4776375ec7f6" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/imurmurhash/package.json", "Digest": "sha1:a28f2b413385af4188c4fc0ad1e0c38c2cd03cf4" }, { "ID": "ini@6.0.0", "Name": "ini", "Identifier": { "PURL": "pkg:npm/ini@6.0.0", "UID": "6f8990c53ca016eb", "BOMRef": "43efff12-7c20-4173-a6f9-f27ed9ff8fb5" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ini/package.json", "Digest": "sha1:5edfb581604a00537da0213d0168236a05a49bf5" }, { "ID": "ini@6.0.0", "Name": "ini", "Identifier": { "PURL": "pkg:npm/ini@6.0.0", "UID": "9f38f7afc8b24483", "BOMRef": "c9928247-0015-4dc4-96e5-fd73c63f04c9" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ini/package.json", "Digest": "sha1:5edfb581604a00537da0213d0168236a05a49bf5" }, { "ID": "init-package-json@8.2.4", "Name": "init-package-json", "Identifier": { "PURL": "pkg:npm/init-package-json@8.2.4", "UID": "cd383831d02bf275", "BOMRef": "pkg:npm/init-package-json@8.2.4" }, "Version": "8.2.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/init-package-json/package.json", "Digest": "sha1:5112f0d23125bc0d7e4c7980385806e8bfeb15ce" }, { "ID": "init-package-json@8.2.5", "Name": "init-package-json", "Identifier": { "PURL": "pkg:npm/init-package-json@8.2.5", "UID": "2b71a362c120aa3a", "BOMRef": "pkg:npm/init-package-json@8.2.5" }, "Version": "8.2.5", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/init-package-json/package.json", "Digest": "sha1:135bdc6d9e7c3b4f96681fa03c2de7f644275cae" }, { "ID": "ip-address@10.1.0", "Name": "ip-address", "Identifier": { "PURL": "pkg:npm/ip-address@10.1.0", "UID": "734cfaf38d2296cd", "BOMRef": "12346da5-2856-4e5e-8972-2f4be8a8a2f0" }, "Version": "10.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ip-address/package.json", "Digest": "sha1:191d8a246dac65b7bb2707c1b08770812e9024e6" }, { "ID": "ip-address@10.1.0", "Name": "ip-address", "Identifier": { "PURL": "pkg:npm/ip-address@10.1.0", "UID": "ad63302d84e258e9", "BOMRef": "c2416d9f-a2dd-47e9-b8c2-6661142b26dc" }, "Version": "10.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ip-address/package.json", "Digest": "sha1:191d8a246dac65b7bb2707c1b08770812e9024e6" }, { "ID": "ip-regex@5.0.0", "Name": "ip-regex", "Identifier": { "PURL": "pkg:npm/ip-regex@5.0.0", "UID": "71cb75a2bde2efef", "BOMRef": "pkg:npm/ip-regex@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ip-regex/package.json", "Digest": "sha1:e3ebe61a5855188e86da90f29b0ea8c44793b9f0" }, { "ID": "is-cidr@6.0.1", "Name": "is-cidr", "Identifier": { "PURL": "pkg:npm/is-cidr@6.0.1", "UID": "b5cb01129543ec0a", "BOMRef": "pkg:npm/is-cidr@6.0.1" }, "Version": "6.0.1", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/is-cidr/package.json", "Digest": "sha1:7ae4aacf966b4f49bd609909796a7700fd8e877d" }, { "ID": "is-cidr@6.0.3", "Name": "is-cidr", "Identifier": { "PURL": "pkg:npm/is-cidr@6.0.3", "UID": "f0eb8228ed165776", "BOMRef": "pkg:npm/is-cidr@6.0.3" }, "Version": "6.0.3", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/is-cidr/package.json", "Digest": "sha1:1542d8b025df8f5b8246fdc01f4fe37c5a065a31" }, { "ID": "is-fullwidth-code-point@3.0.0", "Name": "is-fullwidth-code-point", "Identifier": { "PURL": "pkg:npm/is-fullwidth-code-point@3.0.0", "UID": "fe1460722cdc987c", "BOMRef": "pkg:npm/is-fullwidth-code-point@3.0.0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/is-fullwidth-code-point/package.json", "Digest": "sha1:49dbcba3eb3e3cba5b97bce28eb6194775d23c88" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "bb0e1c18e28f977a", "BOMRef": "4efe11bc-7b4d-4bde-98d9-d5e90df5fcc3" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/isexe/package.json", "Digest": "sha1:3b3eab80c4ffd08eef6b3381b98de7be3649d06b" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "7a0e3c28d0565f65", "BOMRef": "1a0a1366-b15e-4709-bcb1-4aa14c481c24" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/isexe/package.json", "Digest": "sha1:3b3eab80c4ffd08eef6b3381b98de7be3649d06b" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "db07e28c9c4ce017", "BOMRef": "4b195581-4358-451e-a584-b784ccca1a50" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/isexe/package.json", "Digest": "sha1:3b3eab80c4ffd08eef6b3381b98de7be3649d06b" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "e4e38e6f9e17f3ab", "BOMRef": "9b8dac90-827c-453a-bb3a-f45e9e3fd70b" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/isexe/package.json", "Digest": "sha1:3b3eab80c4ffd08eef6b3381b98de7be3649d06b" }, { "ID": "isexe@3.1.1", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@3.1.1", "UID": "fcf6e4331180913f", "BOMRef": "pkg:npm/isexe@3.1.1" }, "Version": "3.1.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/isexe/package.json", "Digest": "sha1:33fc88b1f05370bb6518291c601cf96cfcafdc3b" }, { "ID": "isexe@4.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@4.0.0", "UID": "54d9f776c6369c73", "BOMRef": "pkg:npm/isexe@4.0.0" }, "Version": "4.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/isexe/package.json", "Digest": "sha1:66620ebb413146985b58e32e2fb7007a46903867" }, { "ID": "jackspeak@4.2.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@4.2.3", "UID": "8303cb9940b67b03", "BOMRef": "545f6e0a-7db3-40b0-b6d6-f7ddb07ed741" }, "Version": "4.2.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/jackspeak/package.json", "Digest": "sha1:45d9816050ff7a6de553a418f4a0038a406fe991" }, { "ID": "jackspeak@4.2.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@4.2.3", "UID": "af47cbfb6579d749", "BOMRef": "127481f8-5024-4203-8b0c-1e2ed9bbb5d0" }, "Version": "4.2.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/jackspeak/package.json", "Digest": "sha1:45d9816050ff7a6de553a418f4a0038a406fe991" }, { "ID": "jackspeak@4.2.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@4.2.3", "UID": "4a0ff1d82e15379b", "BOMRef": "1ef42db5-35b4-4e38-acb4-313cd81f3e39" }, "Version": "4.2.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/jackspeak/package.json", "Digest": "sha1:45d9816050ff7a6de553a418f4a0038a406fe991" }, { "ID": "jackspeak@4.2.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@4.2.3", "UID": "c776f17acc31f715", "BOMRef": "8fd2b0a3-a35d-4979-8621-e4c245c3050e" }, "Version": "4.2.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/jackspeak/package.json", "Digest": "sha1:45d9816050ff7a6de553a418f4a0038a406fe991" }, { "ID": "json-parse-even-better-errors@5.0.0", "Name": "json-parse-even-better-errors", "Identifier": { "PURL": "pkg:npm/json-parse-even-better-errors@5.0.0", "UID": "8c28085cbeb753a0", "BOMRef": "56c353bb-19a3-4cd5-9c32-294262341eb8" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/json-parse-even-better-errors/package.json", "Digest": "sha1:27231975ccc2498cb184ae3e74122f2427ba1a5a" }, { "ID": "json-parse-even-better-errors@5.0.0", "Name": "json-parse-even-better-errors", "Identifier": { "PURL": "pkg:npm/json-parse-even-better-errors@5.0.0", "UID": "f06ba964bfff7156", "BOMRef": "503b207c-b199-435c-9f69-32d45bc42c0c" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/json-parse-even-better-errors/package.json", "Digest": "sha1:27231975ccc2498cb184ae3e74122f2427ba1a5a" }, { "ID": "json-stringify-nice@1.1.4", "Name": "json-stringify-nice", "Identifier": { "PURL": "pkg:npm/json-stringify-nice@1.1.4", "UID": "e771ffe7458c66fa", "BOMRef": "32ec5ef3-c46c-4fce-948a-b6238a1f5983" }, "Version": "1.1.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/json-stringify-nice/package.json", "Digest": "sha1:adef02a4345a493535ccb990b09f850508ae516f" }, { "ID": "json-stringify-nice@1.1.4", "Name": "json-stringify-nice", "Identifier": { "PURL": "pkg:npm/json-stringify-nice@1.1.4", "UID": "89876c8ebf0ebd7", "BOMRef": "c91e89a7-fc43-4b09-b03f-80d88188c1b5" }, "Version": "1.1.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/json-stringify-nice/package.json", "Digest": "sha1:adef02a4345a493535ccb990b09f850508ae516f" }, { "ID": "jsonparse@1.3.1", "Name": "jsonparse", "Identifier": { "PURL": "pkg:npm/jsonparse@1.3.1", "UID": "7d8c8f9797f75e6b", "BOMRef": "58918643-5464-422a-a9cd-5c3ee9c51a2b" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/jsonparse/package.json", "Digest": "sha1:ec0bb766bf32ebd53d835393da006bb834a663fd" }, { "ID": "jsonparse@1.3.1", "Name": "jsonparse", "Identifier": { "PURL": "pkg:npm/jsonparse@1.3.1", "UID": "978dfbf610be5bf", "BOMRef": "34a4a4c3-1b63-4436-97bd-86431978e3ff" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/jsonparse/package.json", "Digest": "sha1:ec0bb766bf32ebd53d835393da006bb834a663fd" }, { "ID": "just-diff@6.0.2", "Name": "just-diff", "Identifier": { "PURL": "pkg:npm/just-diff@6.0.2", "UID": "35753e511bcde16a", "BOMRef": "c9499f8b-00bf-473d-ba5e-ce3686311d74" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/just-diff/package.json", "Digest": "sha1:396a274e87b3ad6a3704a76cf18fbb2a9dd45ada" }, { "ID": "just-diff@6.0.2", "Name": "just-diff", "Identifier": { "PURL": "pkg:npm/just-diff@6.0.2", "UID": "74556bb531a8a14f", "BOMRef": "9d2fb9f4-36d8-4869-8e74-0df19a16eb7d" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/just-diff/package.json", "Digest": "sha1:396a274e87b3ad6a3704a76cf18fbb2a9dd45ada" }, { "ID": "just-diff-apply@5.5.0", "Name": "just-diff-apply", "Identifier": { "PURL": "pkg:npm/just-diff-apply@5.5.0", "UID": "1bfd8670417e02e7", "BOMRef": "7cd7e805-ec87-4dd0-98e7-b0ae4e825c86" }, "Version": "5.5.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/just-diff-apply/package.json", "Digest": "sha1:26d39d00f0fc1ddfe4974dbe69691f9c09ad9036" }, { "ID": "just-diff-apply@5.5.0", "Name": "just-diff-apply", "Identifier": { "PURL": "pkg:npm/just-diff-apply@5.5.0", "UID": "880454b57dbd26eb", "BOMRef": "88949110-9dc0-4f08-b8b1-8d934b58d234" }, "Version": "5.5.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/just-diff-apply/package.json", "Digest": "sha1:26d39d00f0fc1ddfe4974dbe69691f9c09ad9036" }, { "ID": "libnpmaccess@10.0.3", "Name": "libnpmaccess", "Identifier": { "PURL": "pkg:npm/libnpmaccess@10.0.3", "UID": "bd597549f7a3d51", "BOMRef": "54b229fd-2b98-4f36-b41d-f0b9b02b1ec0" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmaccess/package.json", "Digest": "sha1:c1d01036aa963e18b715c0bf3ec1bdad5d39d0be" }, { "ID": "libnpmaccess@10.0.3", "Name": "libnpmaccess", "Identifier": { "PURL": "pkg:npm/libnpmaccess@10.0.3", "UID": "3b37f9cd00fcfcf9", "BOMRef": "435ea1a4-3fef-4f48-ac74-e6d334bd5304" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmaccess/package.json", "Digest": "sha1:88716dc0d2d84c458e7f30e99f7e99188bef59b2" }, { "ID": "libnpmdiff@8.0.13", "Name": "libnpmdiff", "Identifier": { "PURL": "pkg:npm/libnpmdiff@8.0.13", "UID": "8a8fd6fb672e7a48", "BOMRef": "pkg:npm/libnpmdiff@8.0.13" }, "Version": "8.0.13", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmdiff/package.json", "Digest": "sha1:8620167de2c70aed2967dd19f20eb221ce942857" }, { "ID": "libnpmdiff@8.1.3", "Name": "libnpmdiff", "Identifier": { "PURL": "pkg:npm/libnpmdiff@8.1.3", "UID": "4e738d62eba7ad60", "BOMRef": "pkg:npm/libnpmdiff@8.1.3" }, "Version": "8.1.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmdiff/package.json", "Digest": "sha1:7bb2a4470ada74db8b19cff060f9893144dd4fc3" }, { "ID": "libnpmexec@10.1.12", "Name": "libnpmexec", "Identifier": { "PURL": "pkg:npm/libnpmexec@10.1.12", "UID": "ffcbd4543c4b337a", "BOMRef": "pkg:npm/libnpmexec@10.1.12" }, "Version": "10.1.12", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmexec/package.json", "Digest": "sha1:e5309d547a9265c367489cce048a4be7e40cd185" }, { "ID": "libnpmexec@10.2.3", "Name": "libnpmexec", "Identifier": { "PURL": "pkg:npm/libnpmexec@10.2.3", "UID": "a6b0b1a7c19df9dc", "BOMRef": "pkg:npm/libnpmexec@10.2.3" }, "Version": "10.2.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmexec/package.json", "Digest": "sha1:94cef92f6c01a16c2de53b84080083404d010727" }, { "ID": "libnpmfund@7.0.13", "Name": "libnpmfund", "Identifier": { "PURL": "pkg:npm/libnpmfund@7.0.13", "UID": "11b14048d63e4c9a", "BOMRef": "pkg:npm/libnpmfund@7.0.13" }, "Version": "7.0.13", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmfund/package.json", "Digest": "sha1:fcf920f9c673a9dfbeb93483b651e6743d7d2d8d" }, { "ID": "libnpmfund@7.0.17", "Name": "libnpmfund", "Identifier": { "PURL": "pkg:npm/libnpmfund@7.0.17", "UID": "1c4481bad7a540c8", "BOMRef": "pkg:npm/libnpmfund@7.0.17" }, "Version": "7.0.17", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmfund/package.json", "Digest": "sha1:b749fd9bed4a653c4757e73672035120b09c8c4d" }, { "ID": "libnpmorg@8.0.1", "Name": "libnpmorg", "Identifier": { "PURL": "pkg:npm/libnpmorg@8.0.1", "UID": "ea469c21475e1e2b", "BOMRef": "c1ceccc3-20ae-4d10-92f3-1ac398162f53" }, "Version": "8.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmorg/package.json", "Digest": "sha1:bb751a1dee75e700037086efe488eaadcf29345f" }, { "ID": "libnpmorg@8.0.1", "Name": "libnpmorg", "Identifier": { "PURL": "pkg:npm/libnpmorg@8.0.1", "UID": "3a7e4cd34bdfa4b6", "BOMRef": "61c04225-374f-4952-a28f-c1c863d045da" }, "Version": "8.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmorg/package.json", "Digest": "sha1:71644ece4c1f7182783fe2ea542ab4a851465845" }, { "ID": "libnpmpack@9.0.13", "Name": "libnpmpack", "Identifier": { "PURL": "pkg:npm/libnpmpack@9.0.13", "UID": "77297a72bb5a3d4a", "BOMRef": "pkg:npm/libnpmpack@9.0.13" }, "Version": "9.0.13", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmpack/package.json", "Digest": "sha1:221ad8b73551e34d90b0d66be97942cd0e705f50" }, { "ID": "libnpmpack@9.1.3", "Name": "libnpmpack", "Identifier": { "PURL": "pkg:npm/libnpmpack@9.1.3", "UID": "cd518826705c4601", "BOMRef": "pkg:npm/libnpmpack@9.1.3" }, "Version": "9.1.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmpack/package.json", "Digest": "sha1:990291b088743442fc68f01e7867991d37cd527a" }, { "ID": "libnpmpublish@11.1.3", "Name": "libnpmpublish", "Identifier": { "PURL": "pkg:npm/libnpmpublish@11.1.3", "UID": "d6174eeadc820a1a", "BOMRef": "43d965a3-873c-41ea-921c-d08366b28e1f" }, "Version": "11.1.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmpublish/package.json", "Digest": "sha1:ff82ddefb69c8d63b5a4be420961ed9bc267923d" }, { "ID": "libnpmpublish@11.1.3", "Name": "libnpmpublish", "Identifier": { "PURL": "pkg:npm/libnpmpublish@11.1.3", "UID": "24e903d3bd33afc5", "BOMRef": "1049209f-c523-46ac-99fc-560a5fc2182c" }, "Version": "11.1.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmpublish/package.json", "Digest": "sha1:f79157562e8ad15b97e33362c5e104f49358c209" }, { "ID": "libnpmsearch@9.0.1", "Name": "libnpmsearch", "Identifier": { "PURL": "pkg:npm/libnpmsearch@9.0.1", "UID": "ce13937d1cfa2fb7", "BOMRef": "287ad6a7-9b10-473d-b538-2b56085e0fa6" }, "Version": "9.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmsearch/package.json", "Digest": "sha1:839c733ea34fee24f8639d9514b827f20634aa47" }, { "ID": "libnpmsearch@9.0.1", "Name": "libnpmsearch", "Identifier": { "PURL": "pkg:npm/libnpmsearch@9.0.1", "UID": "43f36cbc17ab2a35", "BOMRef": "8183fc89-56db-41c1-b7d5-4135af09b33e" }, "Version": "9.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmsearch/package.json", "Digest": "sha1:51c93baa72fc8c35a3195194d066536a133e26d5" }, { "ID": "libnpmteam@8.0.2", "Name": "libnpmteam", "Identifier": { "PURL": "pkg:npm/libnpmteam@8.0.2", "UID": "bab91cd1ce50bb66", "BOMRef": "6209a8f7-8c0d-4f8f-b602-b11cd95fa14e" }, "Version": "8.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmteam/package.json", "Digest": "sha1:4638228278157df58223fce221f2b21e99a43351" }, { "ID": "libnpmteam@8.0.2", "Name": "libnpmteam", "Identifier": { "PURL": "pkg:npm/libnpmteam@8.0.2", "UID": "ab8dfd19f774d152", "BOMRef": "a5f57054-c0a6-4783-a3bf-721dd5dba068" }, "Version": "8.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmteam/package.json", "Digest": "sha1:c57610dfde38cf9e325c1cb64f6dcced3ee8af6d" }, { "ID": "libnpmversion@8.0.3", "Name": "libnpmversion", "Identifier": { "PURL": "pkg:npm/libnpmversion@8.0.3", "UID": "b314e81dbf77abf3", "BOMRef": "2eeb6daf-8dc1-4361-bdb3-ecdd49475e7a" }, "Version": "8.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/libnpmversion/package.json", "Digest": "sha1:26c9215135593d18d97e7124f32d5644aa62edac" }, { "ID": "libnpmversion@8.0.3", "Name": "libnpmversion", "Identifier": { "PURL": "pkg:npm/libnpmversion@8.0.3", "UID": "d34477f7d7ff1082", "BOMRef": "42983217-3c0f-4fb7-9cf5-06383e4bd93b" }, "Version": "8.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/libnpmversion/package.json", "Digest": "sha1:0526d61c11a1dc3cfdf3014dd303e35be0df0907" }, { "ID": "litellm-dashboard@0.1.0", "Name": "litellm-dashboard", "Identifier": { "PURL": "pkg:npm/litellm-dashboard@0.1.0", "UID": "9814a7a37f4a2ed6", "BOMRef": "pkg:npm/litellm-dashboard@0.1.0" }, "Version": "0.1.0", "Layer": { "Digest": "sha256:9bc527d3ca0651e418611453d924c7075960fd5f2311c55d2ed4f6b792c9045f", "DiffID": "sha256:8e1e20fa39a3b406637c68b5bcff0770fd1deb6f81da5fd2c126bfddd90c76f8" }, "FilePath": "app/ui/litellm-dashboard/package.json", "Digest": "sha1:1a0b5a58c0cc2aa5b38b8ac2ae691c356a19d6dc" }, { "ID": "lru-cache@11.2.4", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.4", "UID": "85543c2ff429bb93", "BOMRef": "pkg:npm/lru-cache@11.2.4" }, "Version": "11.2.4", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/lru-cache/package.json", "Digest": "sha1:0d206de7c8ee6fa3afe883a6caf24750ef4b6a56" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "2e6c49d402236462", "BOMRef": "7dac7a9a-8962-4d59-a863-0d637a000878" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "a03f704484a1ec2", "BOMRef": "b709e1c3-2dee-4e59-b3f8-a7e5eb06da92" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "cf2c5efdd683e05c", "BOMRef": "198bffec-dc4a-4dd3-b865-19b239483b16" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "760a118b0adcb90d", "BOMRef": "a2143d9e-7916-49a3-896c-6786a163c84d" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "lru-cache@11.2.6", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@11.2.6", "UID": "c593370c27a666fa", "BOMRef": "94441068-094a-400b-85a0-91fa73da482c" }, "Version": "11.2.6", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/lru-cache/package.json", "Digest": "sha1:d27773298a20e2414297de880c090a1a8a626c97" }, { "ID": "make-fetch-happen@15.0.3", "Name": "make-fetch-happen", "Identifier": { "PURL": "pkg:npm/make-fetch-happen@15.0.3", "UID": "423bb8d805589e6f", "BOMRef": "pkg:npm/make-fetch-happen@15.0.3" }, "Version": "15.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/make-fetch-happen/package.json", "Digest": "sha1:06b8dc0e17bf93a970739a0ac6845fa168884e8a" }, { "ID": "make-fetch-happen@15.0.4", "Name": "make-fetch-happen", "Identifier": { "PURL": "pkg:npm/make-fetch-happen@15.0.4", "UID": "b655f97327cab974", "BOMRef": "pkg:npm/make-fetch-happen@15.0.4" }, "Version": "15.0.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/make-fetch-happen/package.json", "Digest": "sha1:13079ab7db3997b25ca07cbd6e0a6056676eeee1" }, { "ID": "minimatch@10.2.1", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "48c7ab9072454134", "BOMRef": "b1357501-4833-4245-87d9-ea15030b4ed4" }, "Version": "10.2.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/minimatch/package.json", "Digest": "sha1:51f9e760bf99990f544c2aa399bf816a30aaaf9e" }, { "ID": "minimatch@10.2.1", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "e67583dd5fc89bf9", "BOMRef": "0c1707c6-cd50-4e2a-b847-3908a006d33f" }, "Version": "10.2.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/package.json", "Digest": "sha1:51f9e760bf99990f544c2aa399bf816a30aaaf9e" }, { "ID": "minimatch@10.2.1", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "10eab60ef14b8f31", "BOMRef": "16275ffb-2464-4768-8e84-3e36f33b60d1" }, "Version": "10.2.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/minimatch/package.json", "Digest": "sha1:51f9e760bf99990f544c2aa399bf816a30aaaf9e" }, { "ID": "minimatch@10.2.1", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "45fa7235f3e3e4d5", "BOMRef": "87350ab8-ae97-4853-af61-810863b88ec6" }, "Version": "10.2.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minimatch/package.json", "Digest": "sha1:51f9e760bf99990f544c2aa399bf816a30aaaf9e" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "63c90c54c5187a2a", "BOMRef": "cc8fdea6-d517-4124-a5d8-07bddb0b7de0" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-flush/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "ce959fb6f82b2a3c", "BOMRef": "22d198ab-4607-4fdc-b6d0-d38fec97681f" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-pipeline/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "9ba7da8db5dfc8d5", "BOMRef": "a02e0015-0f81-41f3-a029-226ce4b3c5ba" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-sized/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "4e912e8e73165152", "BOMRef": "0ab520f2-20ef-4ea5-99fb-0abcecff372a" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-flush/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@3.3.6", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@3.3.6", "UID": "e0058bd0f0437f3", "BOMRef": "5a3d2134-24d2-4726-a4af-064765c6b51b" }, "Version": "3.3.6", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-pipeline/node_modules/minipass/package.json", "Digest": "sha1:fc79b496665e2cdfc4bdaac9c7d7c4b2f4645f2c" }, { "ID": "minipass@7.1.2", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.2", "UID": "9710aa3e18fced24", "BOMRef": "pkg:npm/minipass@7.1.2" }, "Version": "7.1.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass/package.json", "Digest": "sha1:798df22ae1185484c372b4da30c4d75a0e7ea572" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "5295c7b941469ef1", "BOMRef": "c153207c-84d0-48d6-9348-49ac0a53c183" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "7460fc7b5996848c", "BOMRef": "9f9f9d79-e992-4176-a5e1-1323498a1b40" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "306661f0cb1bf06e", "BOMRef": "5a06c3ab-f97b-45a8-8361-bddbc5cc2fe2" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "17c617333e1dfc3e", "BOMRef": "5358a8cc-410a-4acd-ac94-eca867fe0066" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "30a87481ac1edeb2", "BOMRef": "bb5b9013-83be-47a1-bab6-83770293d13a" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "5820879eb77f2e38", "BOMRef": "7a69395c-4021-4d59-8f5f-6d422306d064" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "bbf0bfec6e2b4731", "BOMRef": "96a617b8-8b46-4d8a-b7ed-0739ffade59e" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "673ef5ce9d4ae42f", "BOMRef": "f92a2785-9b7c-4b2f-a849-aa1e72a086b2" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "35fd232123034811", "BOMRef": "a6eb88ec-2f4f-45d5-80c8-4ae6fb5bee55" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/minipass/package.json", "Digest": "sha1:61235e7e9cfd09deb1ed8a00c522c6bbbcdef750" }, { "ID": "minipass-collect@2.0.1", "Name": "minipass-collect", "Identifier": { "PURL": "pkg:npm/minipass-collect@2.0.1", "UID": "c1c7a2ee7648c707", "BOMRef": "88dbedbf-5878-451a-bf3b-6552cd4c0f9d" }, "Version": "2.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-collect/package.json", "Digest": "sha1:7ca3a77ca7b795148ecee5d9ebbe96e968dddb15" }, { "ID": "minipass-collect@2.0.1", "Name": "minipass-collect", "Identifier": { "PURL": "pkg:npm/minipass-collect@2.0.1", "UID": "bd1b0810acc17c9", "BOMRef": "60c82972-5f47-4776-a521-4d3a20f24dd2" }, "Version": "2.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-collect/package.json", "Digest": "sha1:7ca3a77ca7b795148ecee5d9ebbe96e968dddb15" }, { "ID": "minipass-fetch@5.0.0", "Name": "minipass-fetch", "Identifier": { "PURL": "pkg:npm/minipass-fetch@5.0.0", "UID": "983f34c51051ef7e", "BOMRef": "pkg:npm/minipass-fetch@5.0.0" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-fetch/package.json", "Digest": "sha1:de070b816133f9f9134563f7c6096a4cc99cd139" }, { "ID": "minipass-fetch@5.0.2", "Name": "minipass-fetch", "Identifier": { "PURL": "pkg:npm/minipass-fetch@5.0.2", "UID": "8212c4ba8c274583", "BOMRef": "pkg:npm/minipass-fetch@5.0.2" }, "Version": "5.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-fetch/package.json", "Digest": "sha1:3d9f30e4705201e45528f7bd4d7886f8a98a5ebe" }, { "ID": "minipass-flush@1.0.5", "Name": "minipass-flush", "Identifier": { "PURL": "pkg:npm/minipass-flush@1.0.5", "UID": "8f7d24f09f15b85e", "BOMRef": "5b0778f9-353c-4053-9af8-0d88cda2840a" }, "Version": "1.0.5", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-flush/package.json", "Digest": "sha1:c89612a2a9c68141b8271bbc94bcc88067c29790" }, { "ID": "minipass-flush@1.0.5", "Name": "minipass-flush", "Identifier": { "PURL": "pkg:npm/minipass-flush@1.0.5", "UID": "4b19689f416ba08b", "BOMRef": "17d06034-df3d-43f6-ae30-940c0afa936e" }, "Version": "1.0.5", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-flush/package.json", "Digest": "sha1:c89612a2a9c68141b8271bbc94bcc88067c29790" }, { "ID": "minipass-pipeline@1.2.4", "Name": "minipass-pipeline", "Identifier": { "PURL": "pkg:npm/minipass-pipeline@1.2.4", "UID": "188ae75badeb0925", "BOMRef": "1f1bc36c-e3c1-4f93-9c9c-cbc379fcf64e" }, "Version": "1.2.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-pipeline/package.json", "Digest": "sha1:e30c58465801deaceb4b81898e531c75679563b1" }, { "ID": "minipass-pipeline@1.2.4", "Name": "minipass-pipeline", "Identifier": { "PURL": "pkg:npm/minipass-pipeline@1.2.4", "UID": "573af53e8ac90403", "BOMRef": "aa1ddf44-fc23-458d-9858-150f3c3fa2ad" }, "Version": "1.2.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-pipeline/package.json", "Digest": "sha1:e30c58465801deaceb4b81898e531c75679563b1" }, { "ID": "minipass-sized@1.0.3", "Name": "minipass-sized", "Identifier": { "PURL": "pkg:npm/minipass-sized@1.0.3", "UID": "5ea64f8c6a98396b", "BOMRef": "pkg:npm/minipass-sized@1.0.3" }, "Version": "1.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minipass-sized/package.json", "Digest": "sha1:615e0e93dfdbc65b217029380591abc9e9b64136" }, { "ID": "minipass-sized@2.0.0", "Name": "minipass-sized", "Identifier": { "PURL": "pkg:npm/minipass-sized@2.0.0", "UID": "ba8edb6e81751f75", "BOMRef": "pkg:npm/minipass-sized@2.0.0" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-sized/package.json", "Digest": "sha1:c0e70d0d99106c4391afde2f25524f3cb876a1dd" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "e09b1ff7fa5d5330", "BOMRef": "09d47d01-8966-4c7b-9ec0-8921b05e655c" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "8b6080ceacf6425d", "BOMRef": "dc0527dc-fa22-4aa3-a2f6-9021f2f70593" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "33f642cfa9615ef4", "BOMRef": "aff38737-a47d-4d7e-b8de-d3fbb19068e1" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "2483d7df67987e09", "BOMRef": "dadfae85-466e-4a8a-9613-d714221f619f" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "2fea3e871d1566d2", "BOMRef": "c6e76c5e-0c16-4229-be2f-b0d21b45fabd" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "minizlib@3.1.0", "Name": "minizlib", "Identifier": { "PURL": "pkg:npm/minizlib@3.1.0", "UID": "59afb5e528dab1e1", "BOMRef": "36cab4ce-8739-4bc1-9ddb-252bd4b8628c" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/minizlib/package.json", "Digest": "sha1:ecda8f42a2256be6ae9bba8a268ae3964683fe09" }, { "ID": "ms@2.1.3", "Name": "ms", "Identifier": { "PURL": "pkg:npm/ms@2.1.3", "UID": "c89834e50e823daa", "BOMRef": "bb839297-9599-4f0b-b83f-21c951993cca" }, "Version": "2.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ms/package.json", "Digest": "sha1:c290eb97736177176d071da4ac855ab995685c97" }, { "ID": "ms@2.1.3", "Name": "ms", "Identifier": { "PURL": "pkg:npm/ms@2.1.3", "UID": "732201b734b1e907", "BOMRef": "856dc306-7be4-4f42-ab38-75b2a9143ac9" }, "Version": "2.1.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ms/package.json", "Digest": "sha1:c290eb97736177176d071da4ac855ab995685c97" }, { "ID": "mute-stream@3.0.0", "Name": "mute-stream", "Identifier": { "PURL": "pkg:npm/mute-stream@3.0.0", "UID": "949bd7d077d4c50f", "BOMRef": "897c6d3a-5264-439c-95b2-1c33d82fa4e6" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/mute-stream/package.json", "Digest": "sha1:170b20aad820bb2d67cdb50fe6714c3030eb6961" }, { "ID": "mute-stream@3.0.0", "Name": "mute-stream", "Identifier": { "PURL": "pkg:npm/mute-stream@3.0.0", "UID": "78f1f05680a1a1c4", "BOMRef": "cd5ff28e-51bc-4755-ac92-de24f89bad78" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/mute-stream/package.json", "Digest": "sha1:170b20aad820bb2d67cdb50fe6714c3030eb6961" }, { "ID": "negotiator@1.0.0", "Name": "negotiator", "Identifier": { "PURL": "pkg:npm/negotiator@1.0.0", "UID": "c329d42473904779", "BOMRef": "76c7eeb9-4305-4822-8609-81f98384624a" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/negotiator/package.json", "Digest": "sha1:046524b23a7aefb2b0cfd3ebbd0fd84c0f7df3f6" }, { "ID": "negotiator@1.0.0", "Name": "negotiator", "Identifier": { "PURL": "pkg:npm/negotiator@1.0.0", "UID": "fe4eec78acf4d981", "BOMRef": "e37ed59f-4b2c-4f41-b10d-a1a7b2ab84ee" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/negotiator/package.json", "Digest": "sha1:046524b23a7aefb2b0cfd3ebbd0fd84c0f7df3f6" }, { "ID": "node-gyp@12.1.0", "Name": "node-gyp", "Identifier": { "PURL": "pkg:npm/node-gyp@12.1.0", "UID": "c36573debe171d80", "BOMRef": "pkg:npm/node-gyp@12.1.0" }, "Version": "12.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/node-gyp/package.json", "Digest": "sha1:9ad149cce8b65467fd308c678c38e460e6e61051" }, { "ID": "node-gyp@12.2.0", "Name": "node-gyp", "Identifier": { "PURL": "pkg:npm/node-gyp@12.2.0", "UID": "a5d5c4e17bd454a2", "BOMRef": "pkg:npm/node-gyp@12.2.0" }, "Version": "12.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/node-gyp/package.json", "Digest": "sha1:94024c2f80031bfd4736e8cfc7b7e32b6b83e2d3" }, { "ID": "nopt@9.0.0", "Name": "nopt", "Identifier": { "PURL": "pkg:npm/nopt@9.0.0", "UID": "bd2b8c056cbb7c42", "BOMRef": "e3fa7d05-834d-4157-baa9-c21f580c1837" }, "Version": "9.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/nopt/package.json", "Digest": "sha1:44fa7f32a18abb1dde67088e347d8f7c2bfed87f" }, { "ID": "nopt@9.0.0", "Name": "nopt", "Identifier": { "PURL": "pkg:npm/nopt@9.0.0", "UID": "a27fa6efe383db5d", "BOMRef": "cb1253f6-1ee3-435e-892b-c0a137504667" }, "Version": "9.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/nopt/package.json", "Digest": "sha1:44fa7f32a18abb1dde67088e347d8f7c2bfed87f" }, { "ID": "npm@11.11.0", "Name": "npm", "Identifier": { "PURL": "pkg:npm/npm@11.11.0", "UID": "482d9a978e914dcc", "BOMRef": "pkg:npm/npm@11.11.0" }, "Version": "11.11.0", "Licenses": [ "Artistic-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/package.json", "Digest": "sha1:1c4f1b3d9abe22e75b8a6a0af889363b22895c10" }, { "ID": "npm@11.8.0", "Name": "npm", "Identifier": { "PURL": "pkg:npm/npm@11.8.0", "UID": "c5af687ed0287931", "BOMRef": "pkg:npm/npm@11.8.0" }, "Version": "11.8.0", "Licenses": [ "Artistic-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/package.json", "Digest": "sha1:90aee03cea02616588cafa36cd3630d1c1fa8302" }, { "ID": "npm-audit-report@7.0.0", "Name": "npm-audit-report", "Identifier": { "PURL": "pkg:npm/npm-audit-report@7.0.0", "UID": "4021c56e3c7766f9", "BOMRef": "7d026edd-ec0c-4cf0-9d71-20432711c79c" }, "Version": "7.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-audit-report/package.json", "Digest": "sha1:040167501ae6b37c24bfdfbbd67fcf467d37bdc0" }, { "ID": "npm-audit-report@7.0.0", "Name": "npm-audit-report", "Identifier": { "PURL": "pkg:npm/npm-audit-report@7.0.0", "UID": "3b0942776391de15", "BOMRef": "9c507105-92a2-4b99-a648-d8226824cf71" }, "Version": "7.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-audit-report/package.json", "Digest": "sha1:040167501ae6b37c24bfdfbbd67fcf467d37bdc0" }, { "ID": "npm-bundled@5.0.0", "Name": "npm-bundled", "Identifier": { "PURL": "pkg:npm/npm-bundled@5.0.0", "UID": "81e45b4dd34394bc", "BOMRef": "e53df518-19b4-4e82-ab9e-e3390e276e80" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-bundled/package.json", "Digest": "sha1:9dfb03e07a30a5e91c2d051690fec605e0cad435" }, { "ID": "npm-bundled@5.0.0", "Name": "npm-bundled", "Identifier": { "PURL": "pkg:npm/npm-bundled@5.0.0", "UID": "bdff9a7a4f7acb9", "BOMRef": "c7d9266e-c9c1-4275-b81c-87166cf315fa" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-bundled/package.json", "Digest": "sha1:9dfb03e07a30a5e91c2d051690fec605e0cad435" }, { "ID": "npm-install-checks@8.0.0", "Name": "npm-install-checks", "Identifier": { "PURL": "pkg:npm/npm-install-checks@8.0.0", "UID": "cf1c56e762180e11", "BOMRef": "f4903c69-505c-4e3a-a3e4-3df82b7f8d0d" }, "Version": "8.0.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-install-checks/package.json", "Digest": "sha1:407654a587e45ad83b936081f22670ebcaec1bc9" }, { "ID": "npm-install-checks@8.0.0", "Name": "npm-install-checks", "Identifier": { "PURL": "pkg:npm/npm-install-checks@8.0.0", "UID": "2933098d2e0f0840", "BOMRef": "6be9c868-b859-4189-9302-f3190b230503" }, "Version": "8.0.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-install-checks/package.json", "Digest": "sha1:407654a587e45ad83b936081f22670ebcaec1bc9" }, { "ID": "npm-normalize-package-bin@5.0.0", "Name": "npm-normalize-package-bin", "Identifier": { "PURL": "pkg:npm/npm-normalize-package-bin@5.0.0", "UID": "22476a5a05bbcade", "BOMRef": "653a9434-1195-4931-83e6-18b5a0feaea5" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-normalize-package-bin/package.json", "Digest": "sha1:e525037807bb400a135f7e1be77c8dc97d78bb96" }, { "ID": "npm-normalize-package-bin@5.0.0", "Name": "npm-normalize-package-bin", "Identifier": { "PURL": "pkg:npm/npm-normalize-package-bin@5.0.0", "UID": "ef4079114a10fa38", "BOMRef": "031fd6fb-51d6-472c-809c-85adeb4481b2" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-normalize-package-bin/package.json", "Digest": "sha1:e525037807bb400a135f7e1be77c8dc97d78bb96" }, { "ID": "npm-package-arg@13.0.2", "Name": "npm-package-arg", "Identifier": { "PURL": "pkg:npm/npm-package-arg@13.0.2", "UID": "d55b953fc35f7bf5", "BOMRef": "21598d15-91fd-4bcf-966c-73ab167e2676" }, "Version": "13.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-package-arg/package.json", "Digest": "sha1:68938fd68043d217f6ca9b6fb63c8a5470a3a589" }, { "ID": "npm-package-arg@13.0.2", "Name": "npm-package-arg", "Identifier": { "PURL": "pkg:npm/npm-package-arg@13.0.2", "UID": "dee08773cb8dacba", "BOMRef": "391968bf-7461-4176-b1d8-2d455636e46b" }, "Version": "13.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-package-arg/package.json", "Digest": "sha1:68938fd68043d217f6ca9b6fb63c8a5470a3a589" }, { "ID": "npm-packlist@10.0.3", "Name": "npm-packlist", "Identifier": { "PURL": "pkg:npm/npm-packlist@10.0.3", "UID": "c1a511f97a23d062", "BOMRef": "pkg:npm/npm-packlist@10.0.3" }, "Version": "10.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-packlist/package.json", "Digest": "sha1:6a3cdda6728c40e4b1b1173cb1d0a53a222807f0" }, { "ID": "npm-packlist@10.0.4", "Name": "npm-packlist", "Identifier": { "PURL": "pkg:npm/npm-packlist@10.0.4", "UID": "89d1ae991b2dfce5", "BOMRef": "pkg:npm/npm-packlist@10.0.4" }, "Version": "10.0.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-packlist/package.json", "Digest": "sha1:cb96034f926a932fb94df071a7165f1fc25ef98d" }, { "ID": "npm-pick-manifest@11.0.3", "Name": "npm-pick-manifest", "Identifier": { "PURL": "pkg:npm/npm-pick-manifest@11.0.3", "UID": "dfc8fc4072638ac2", "BOMRef": "cbe0b6c4-049a-4219-8f7b-27a273e0f7c9" }, "Version": "11.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-pick-manifest/package.json", "Digest": "sha1:da8b96c28cd5be842555739920b3574061b88b89" }, { "ID": "npm-pick-manifest@11.0.3", "Name": "npm-pick-manifest", "Identifier": { "PURL": "pkg:npm/npm-pick-manifest@11.0.3", "UID": "bab84a6fd3862a96", "BOMRef": "0e0047b6-0507-4871-bc1d-9221ec670cca" }, "Version": "11.0.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-pick-manifest/package.json", "Digest": "sha1:da8b96c28cd5be842555739920b3574061b88b89" }, { "ID": "npm-profile@12.0.1", "Name": "npm-profile", "Identifier": { "PURL": "pkg:npm/npm-profile@12.0.1", "UID": "da11504ea1f55f13", "BOMRef": "42848b1b-92ca-41a1-9a98-46bda30bd210" }, "Version": "12.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-profile/package.json", "Digest": "sha1:5097ede462b66fae69c6420d7f1812d9ecc24d93" }, { "ID": "npm-profile@12.0.1", "Name": "npm-profile", "Identifier": { "PURL": "pkg:npm/npm-profile@12.0.1", "UID": "f36a699b3fbc6826", "BOMRef": "1efe60f8-61af-4d51-b948-8e874e336d8c" }, "Version": "12.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-profile/package.json", "Digest": "sha1:5097ede462b66fae69c6420d7f1812d9ecc24d93" }, { "ID": "npm-registry-fetch@19.1.1", "Name": "npm-registry-fetch", "Identifier": { "PURL": "pkg:npm/npm-registry-fetch@19.1.1", "UID": "3989dfe7aff4a4bd", "BOMRef": "fe91a7ac-b2e8-4a49-ba7b-d1fbef77fc46" }, "Version": "19.1.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-registry-fetch/package.json", "Digest": "sha1:26d6a380dc0d9bf4e36329d53b453d4258834999" }, { "ID": "npm-registry-fetch@19.1.1", "Name": "npm-registry-fetch", "Identifier": { "PURL": "pkg:npm/npm-registry-fetch@19.1.1", "UID": "7e5075e4d5c1138d", "BOMRef": "807fbeb4-cd80-4b8c-b845-85b5f3beeca8" }, "Version": "19.1.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-registry-fetch/package.json", "Digest": "sha1:26d6a380dc0d9bf4e36329d53b453d4258834999" }, { "ID": "npm-user-validate@4.0.0", "Name": "npm-user-validate", "Identifier": { "PURL": "pkg:npm/npm-user-validate@4.0.0", "UID": "50c7e45da984a125", "BOMRef": "a85f3ce9-c97a-4290-8e25-9c4416b5d420" }, "Version": "4.0.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/npm-user-validate/package.json", "Digest": "sha1:55bda8b4785869e477f5f02d1e9b0134bd86267f" }, { "ID": "npm-user-validate@4.0.0", "Name": "npm-user-validate", "Identifier": { "PURL": "pkg:npm/npm-user-validate@4.0.0", "UID": "bee727c270fc0c88", "BOMRef": "4a061b7b-32ea-427c-96c8-79495bf89d4e" }, "Version": "4.0.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/npm-user-validate/package.json", "Digest": "sha1:55bda8b4785869e477f5f02d1e9b0134bd86267f" }, { "ID": "p-map@7.0.4", "Name": "p-map", "Identifier": { "PURL": "pkg:npm/p-map@7.0.4", "UID": "bc7ae7da9adc41b1", "BOMRef": "37ac13e1-7486-4432-9761-924afa05f4d5" }, "Version": "7.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/p-map/package.json", "Digest": "sha1:f7afd4bd0f710b2b0c099a22a646cda6fb927688" }, { "ID": "p-map@7.0.4", "Name": "p-map", "Identifier": { "PURL": "pkg:npm/p-map@7.0.4", "UID": "a978d25166826255", "BOMRef": "02c005cf-b062-498e-9153-43e41d81f672" }, "Version": "7.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/p-map/package.json", "Digest": "sha1:f7afd4bd0f710b2b0c099a22a646cda6fb927688" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "1e98bda1f4ea17d8", "BOMRef": "96ccf52f-fd64-42f7-b87b-6e44f95e5e10" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/package-json-from-dist/package.json", "Digest": "sha1:d93947bd52021bb5f785613249e0e198a3b48025" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "e0120f85420c11a7", "BOMRef": "59341cb4-6da3-46cf-930b-c0ae9daa997c" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/package-json-from-dist/package.json", "Digest": "sha1:d93947bd52021bb5f785613249e0e198a3b48025" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "1e2c94e94fb717f0", "BOMRef": "cc17eb41-2d30-40d8-82cc-554377f6b420" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/package-json-from-dist/package.json", "Digest": "sha1:d93947bd52021bb5f785613249e0e198a3b48025" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "5d347ff907f99d6c", "BOMRef": "dbb9aab7-23dc-4064-814d-9394a76844f3" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/package-json-from-dist/package.json", "Digest": "sha1:d93947bd52021bb5f785613249e0e198a3b48025" }, { "ID": "pacote@21.0.4", "Name": "pacote", "Identifier": { "PURL": "pkg:npm/pacote@21.0.4", "UID": "1cf40128e331bbe0", "BOMRef": "pkg:npm/pacote@21.0.4" }, "Version": "21.0.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/pacote/package.json", "Digest": "sha1:50daecc71eeca347e0ed1b031bd1ce69eebd22b0" }, { "ID": "pacote@21.4.0", "Name": "pacote", "Identifier": { "PURL": "pkg:npm/pacote@21.4.0", "UID": "e9a9d58c225db719", "BOMRef": "pkg:npm/pacote@21.4.0" }, "Version": "21.4.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/pacote/package.json", "Digest": "sha1:c83c4e5a82376a1bd201f893b24e09897ba0817a" }, { "ID": "parse-conflict-json@5.0.1", "Name": "parse-conflict-json", "Identifier": { "PURL": "pkg:npm/parse-conflict-json@5.0.1", "UID": "5da0ba514492bbbf", "BOMRef": "57b154c4-d188-4e03-9c3b-4da5a795047e" }, "Version": "5.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/parse-conflict-json/package.json", "Digest": "sha1:9665d46107a1ad4846912f83ee204314dfe18f6a" }, { "ID": "parse-conflict-json@5.0.1", "Name": "parse-conflict-json", "Identifier": { "PURL": "pkg:npm/parse-conflict-json@5.0.1", "UID": "2342ec0909878406", "BOMRef": "e2a8e4a7-5ab0-4601-a779-3252495c672e" }, "Version": "5.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/parse-conflict-json/package.json", "Digest": "sha1:9665d46107a1ad4846912f83ee204314dfe18f6a" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "9c8db232eed33ce4", "BOMRef": "f3a95fea-3dc8-47e1-8c48-51900660f4da" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/path-key/package.json", "Digest": "sha1:f330c46f59dbdd92dddf8a2cfc2c1569b469bdd2" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "2ba0f7e906a086b4", "BOMRef": "3bcda836-f727-4d1b-8c20-178e6872552b" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/path-key/package.json", "Digest": "sha1:f330c46f59dbdd92dddf8a2cfc2c1569b469bdd2" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "9b8b6b9ef2332bc5", "BOMRef": "1ee1bf28-25c2-408b-93eb-636a40c37794" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/path-key/package.json", "Digest": "sha1:f330c46f59dbdd92dddf8a2cfc2c1569b469bdd2" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "a20a0164c3a317e9", "BOMRef": "aa069ad7-cc36-4472-bb80-10b78f284be8" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/path-key/package.json", "Digest": "sha1:f330c46f59dbdd92dddf8a2cfc2c1569b469bdd2" }, { "ID": "path-scurry@2.0.1", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.1", "UID": "a100cf77749134ea", "BOMRef": "pkg:npm/path-scurry@2.0.1" }, "Version": "2.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/path-scurry/package.json", "Digest": "sha1:e76f88f36b2a9decd23e2a1635afba30de8f1809" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "3c49737b275eb2b4", "BOMRef": "f98e2891-bffd-4da6-be83-1747bf719a84" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "75d431148a0d906b", "BOMRef": "8c6150c8-7327-4ff2-bf14-0d6c59841344" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "16bc764329060bb4", "BOMRef": "ec2e2fd9-4e2e-40f0-a9ee-cae984265b2a" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "38cc622ef77bf8df", "BOMRef": "b5d05c2e-3685-47fa-8c8a-99085ace46c7" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "path-scurry@2.0.2", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@2.0.2", "UID": "35bd41cfee2a2a16", "BOMRef": "6109d98a-2474-459b-8bf5-3e5bb1d6b842" }, "Version": "2.0.2", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/path-scurry/package.json", "Digest": "sha1:6799d0755e607ad667faf000d9ff843270fb9fce" }, { "ID": "picomatch@4.0.3", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "da462ee96f111c17", "BOMRef": "2e7e48e2-e806-4deb-b8b7-0091b5a3cc2b" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "Digest": "sha1:d5b57c1efc38eb0545dbf3eaffe857ba94597f07" }, { "ID": "picomatch@4.0.3", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "37ffd1e47bf3016", "BOMRef": "05223e2c-dfc1-4136-8057-f234c898c2b4" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "Digest": "sha1:d5b57c1efc38eb0545dbf3eaffe857ba94597f07" }, { "ID": "postcss-selector-parser@7.1.1", "Name": "postcss-selector-parser", "Identifier": { "PURL": "pkg:npm/postcss-selector-parser@7.1.1", "UID": "7fc970aa75efd24e", "BOMRef": "d26562fd-7f8d-40de-8893-7592544c8f62" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/postcss-selector-parser/package.json", "Digest": "sha1:97ad05d49550a0c52b32de253cc8fe8e6241b987" }, { "ID": "postcss-selector-parser@7.1.1", "Name": "postcss-selector-parser", "Identifier": { "PURL": "pkg:npm/postcss-selector-parser@7.1.1", "UID": "afabc480016adbc1", "BOMRef": "30e16188-5680-4cc0-834f-04284e2a7b90" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/postcss-selector-parser/package.json", "Digest": "sha1:97ad05d49550a0c52b32de253cc8fe8e6241b987" }, { "ID": "prisma@5.4.2", "Name": "prisma", "Identifier": { "PURL": "pkg:npm/prisma@5.4.2", "UID": "4139b6ae3100dd1a", "BOMRef": "pkg:npm/prisma@5.4.2" }, "Version": "5.4.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:34f4b20c1f804fa43c4b77168afdb0a125691ca4b9493989914d96886a4a9a7a", "DiffID": "sha256:87f972c78e205fa9c02f92e6f333aa19417f61a3040f235aef3ee451f41ad0d8" }, "FilePath": "root/.cache/prisma-python/binaries/5.4.2/ac9d7041ed77bcc8a8dbd2ab6616b39013829574/node_modules/prisma/package.json", "Digest": "sha1:233149234d81830aa27b624c884739e1f8c7498b" }, { "ID": "prisma-binaries@1.0.0", "Name": "prisma-binaries", "Identifier": { "PURL": "pkg:npm/prisma-binaries@1.0.0", "UID": "30d417c34a4845a0", "BOMRef": "pkg:npm/prisma-binaries@1.0.0" }, "Version": "1.0.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:34f4b20c1f804fa43c4b77168afdb0a125691ca4b9493989914d96886a4a9a7a", "DiffID": "sha256:87f972c78e205fa9c02f92e6f333aa19417f61a3040f235aef3ee451f41ad0d8" }, "FilePath": "root/.cache/prisma-python/binaries/5.4.2/ac9d7041ed77bcc8a8dbd2ab6616b39013829574/package.json", "Digest": "sha1:13da9e1561789f778831c4ebefed1268d740601d" }, { "ID": "proc-log@6.1.0", "Name": "proc-log", "Identifier": { "PURL": "pkg:npm/proc-log@6.1.0", "UID": "6133d25bb8b22141", "BOMRef": "492c0ae2-c18f-4224-8899-8c374c18a0f5" }, "Version": "6.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/proc-log/package.json", "Digest": "sha1:1be791ec94791bad88368bd320e09768d19af950" }, { "ID": "proc-log@6.1.0", "Name": "proc-log", "Identifier": { "PURL": "pkg:npm/proc-log@6.1.0", "UID": "f81fb0e4d664f29e", "BOMRef": "3145a5de-d3aa-49a6-bfa5-1583d6b2ff7c" }, "Version": "6.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/proc-log/package.json", "Digest": "sha1:1be791ec94791bad88368bd320e09768d19af950" }, { "ID": "proggy@4.0.0", "Name": "proggy", "Identifier": { "PURL": "pkg:npm/proggy@4.0.0", "UID": "9b1283fa37556682", "BOMRef": "1bd7a786-df07-444c-a1bf-fe45f59912cb" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/proggy/package.json", "Digest": "sha1:6561cfc6f2b76082d0bd2e5d7c63b4ef20fe8578" }, { "ID": "proggy@4.0.0", "Name": "proggy", "Identifier": { "PURL": "pkg:npm/proggy@4.0.0", "UID": "30166e184d08b0ac", "BOMRef": "b7fb8811-76a3-4ec5-9c85-0cad26e045a3" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/proggy/package.json", "Digest": "sha1:6561cfc6f2b76082d0bd2e5d7c63b4ef20fe8578" }, { "ID": "promise-all-reject-late@1.0.1", "Name": "promise-all-reject-late", "Identifier": { "PURL": "pkg:npm/promise-all-reject-late@1.0.1", "UID": "d17172023d74c2d4", "BOMRef": "92bf497c-d019-4b45-b00e-318497314531" }, "Version": "1.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/promise-all-reject-late/package.json", "Digest": "sha1:c88aa929d83fb2bbf326f7c62103da6b8c48c4df" }, { "ID": "promise-all-reject-late@1.0.1", "Name": "promise-all-reject-late", "Identifier": { "PURL": "pkg:npm/promise-all-reject-late@1.0.1", "UID": "d711e178e43cbcc", "BOMRef": "c1653ca9-8f42-4384-8311-0ceceec7f09e" }, "Version": "1.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/promise-all-reject-late/package.json", "Digest": "sha1:c88aa929d83fb2bbf326f7c62103da6b8c48c4df" }, { "ID": "promise-call-limit@3.0.2", "Name": "promise-call-limit", "Identifier": { "PURL": "pkg:npm/promise-call-limit@3.0.2", "UID": "43b145aa8d8536a4", "BOMRef": "c763c09a-be13-46d8-8d84-40c720b85307" }, "Version": "3.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/promise-call-limit/package.json", "Digest": "sha1:27f3261a15e6ace571c3ad192e878cec1d9358c9" }, { "ID": "promise-call-limit@3.0.2", "Name": "promise-call-limit", "Identifier": { "PURL": "pkg:npm/promise-call-limit@3.0.2", "UID": "11a297ed84bf092", "BOMRef": "613f687f-2658-4c83-85b2-78fdbcaa0469" }, "Version": "3.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/promise-call-limit/package.json", "Digest": "sha1:27f3261a15e6ace571c3ad192e878cec1d9358c9" }, { "ID": "promise-retry@2.0.1", "Name": "promise-retry", "Identifier": { "PURL": "pkg:npm/promise-retry@2.0.1", "UID": "5d0dc8f4214cdfd7", "BOMRef": "d991b35c-cf08-4242-b606-22a46339f88c" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/promise-retry/package.json", "Digest": "sha1:fc649cbedea73287db37a431e5761e9c0b4abca9" }, { "ID": "promise-retry@2.0.1", "Name": "promise-retry", "Identifier": { "PURL": "pkg:npm/promise-retry@2.0.1", "UID": "60069217c502bd21", "BOMRef": "aca88d0e-a5e2-48f1-bbc3-f47ba25d12bb" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/promise-retry/package.json", "Digest": "sha1:fc649cbedea73287db37a431e5761e9c0b4abca9" }, { "ID": "promzard@3.0.1", "Name": "promzard", "Identifier": { "PURL": "pkg:npm/promzard@3.0.1", "UID": "aef2c59e9303f3fe", "BOMRef": "b7a6c7d6-539e-4eb5-b6bf-dde0a90ab5b0" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/promzard/package.json", "Digest": "sha1:cf40b5b5f6e3f70b866ca5d7fe08e00aae1bc33c" }, { "ID": "promzard@3.0.1", "Name": "promzard", "Identifier": { "PURL": "pkg:npm/promzard@3.0.1", "UID": "590fbf94e2283341", "BOMRef": "d9988ba9-37e1-40e1-8889-6fefdeef3709" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/promzard/package.json", "Digest": "sha1:cf40b5b5f6e3f70b866ca5d7fe08e00aae1bc33c" }, { "ID": "qrcode-terminal@0.12.0", "Name": "qrcode-terminal", "Identifier": { "PURL": "pkg:npm/qrcode-terminal@0.12.0", "UID": "d4a15e23c383a1ce", "BOMRef": "49726996-de5f-44b7-bc2c-cdadbfc4d4a3" }, "Version": "0.12.0", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/qrcode-terminal/package.json", "Digest": "sha1:4a84ac3decfe9f31da851b98dedd698f935b83bc" }, { "ID": "qrcode-terminal@0.12.0", "Name": "qrcode-terminal", "Identifier": { "PURL": "pkg:npm/qrcode-terminal@0.12.0", "UID": "eb2f5fc857e82643", "BOMRef": "99a6ec8c-8505-4f6a-83dd-6cf54e46dc57" }, "Version": "0.12.0", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/qrcode-terminal/package.json", "Digest": "sha1:4a84ac3decfe9f31da851b98dedd698f935b83bc" }, { "ID": "read@5.0.1", "Name": "read", "Identifier": { "PURL": "pkg:npm/read@5.0.1", "UID": "144d115b47a2d8cc", "BOMRef": "2e17efa0-f584-40b7-b521-8dd630c4f652" }, "Version": "5.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/read/package.json", "Digest": "sha1:202675a6008d164feb9732ab21970a1977d40693" }, { "ID": "read@5.0.1", "Name": "read", "Identifier": { "PURL": "pkg:npm/read@5.0.1", "UID": "968e88dcee7e4733", "BOMRef": "df6e1e2d-6caa-4f49-9182-d02f2b67486d" }, "Version": "5.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/read/package.json", "Digest": "sha1:202675a6008d164feb9732ab21970a1977d40693" }, { "ID": "read-cmd-shim@6.0.0", "Name": "read-cmd-shim", "Identifier": { "PURL": "pkg:npm/read-cmd-shim@6.0.0", "UID": "da301ce52826a194", "BOMRef": "d8b539cd-8a5b-4a5c-a25e-0d0e775859e2" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/read-cmd-shim/package.json", "Digest": "sha1:bb22c7694960e98b244d220ac92c31f556b9a454" }, { "ID": "read-cmd-shim@6.0.0", "Name": "read-cmd-shim", "Identifier": { "PURL": "pkg:npm/read-cmd-shim@6.0.0", "UID": "3fd2fd8f54246862", "BOMRef": "339211ee-268f-4b04-8c8a-7018decdf8a5" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/read-cmd-shim/package.json", "Digest": "sha1:bb22c7694960e98b244d220ac92c31f556b9a454" }, { "ID": "retry@0.12.0", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.12.0", "UID": "a6e000276438cade", "BOMRef": "fdba8098-72b5-4edc-80fa-bcf802b1e928" }, "Version": "0.12.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/retry/package.json", "Digest": "sha1:10dd0941e4e65c436c4f7111efdb1679c966c478" }, { "ID": "retry@0.12.0", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.12.0", "UID": "388eedd4b35aa529", "BOMRef": "c89c9b31-99b9-4c90-a489-c4ae68986db5" }, "Version": "0.12.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/retry/package.json", "Digest": "sha1:10dd0941e4e65c436c4f7111efdb1679c966c478" }, { "ID": "retry@0.13.1", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.13.1", "UID": "7eefe681335c3b38", "BOMRef": "pkg:npm/retry@0.13.1" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/@gar/promise-retry/node_modules/retry/package.json", "Digest": "sha1:59938dbd56e639fc8e328046d447a7f1e50d2603" }, { "ID": "safer-buffer@2.1.2", "Name": "safer-buffer", "Identifier": { "PURL": "pkg:npm/safer-buffer@2.1.2", "UID": "c0fbe0ebccd4a544", "BOMRef": "4301f39e-8f35-4345-93e9-8a6f4c8c3577" }, "Version": "2.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/safer-buffer/package.json", "Digest": "sha1:5ed0fab8e5cac53e4d072acbd82fca9be08f5e67" }, { "ID": "safer-buffer@2.1.2", "Name": "safer-buffer", "Identifier": { "PURL": "pkg:npm/safer-buffer@2.1.2", "UID": "8248f6e5c0c5a61", "BOMRef": "fe413c6a-e403-40d8-98f9-f930d5c9e507" }, "Version": "2.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/safer-buffer/package.json", "Digest": "sha1:5ed0fab8e5cac53e4d072acbd82fca9be08f5e67" }, { "ID": "semver@7.7.3", "Name": "semver", "Identifier": { "PURL": "pkg:npm/semver@7.7.3", "UID": "58f6631d640dac84", "BOMRef": "pkg:npm/semver@7.7.3" }, "Version": "7.7.3", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/semver/package.json", "Digest": "sha1:8b79d46abe6fc320567c34edb59ab3f88ed2f581" }, { "ID": "semver@7.7.4", "Name": "semver", "Identifier": { "PURL": "pkg:npm/semver@7.7.4", "UID": "895d9b19ca5631b", "BOMRef": "pkg:npm/semver@7.7.4" }, "Version": "7.7.4", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/semver/package.json", "Digest": "sha1:d9596b0dfd52092ec49e20d3e586feaeb5d47ffb" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "7151daeae14bfd61", "BOMRef": "fbf883ac-c53e-4d57-8183-03016f2ed385" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/shebang-command/package.json", "Digest": "sha1:2e2395a2e489846382e5cefdf011dcd7cacb82a5" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "543eea69e5bb3c06", "BOMRef": "1b78eac1-ac38-4695-8aef-81ed3fff47b7" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/shebang-command/package.json", "Digest": "sha1:2e2395a2e489846382e5cefdf011dcd7cacb82a5" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "4879f0a6b90f584c", "BOMRef": "6edbd88b-9339-4b07-b5c1-af4eb8d2c4a4" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/shebang-command/package.json", "Digest": "sha1:2e2395a2e489846382e5cefdf011dcd7cacb82a5" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "6aebdb98326a75c1", "BOMRef": "246f9ae0-8c4e-4b06-9eff-3fa09271cbb6" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/shebang-command/package.json", "Digest": "sha1:2e2395a2e489846382e5cefdf011dcd7cacb82a5" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "6ad08ef115471ab3", "BOMRef": "c62f3cb2-7f6a-4712-83f1-da0d0dd3af19" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/shebang-regex/package.json", "Digest": "sha1:4c10640951d12ad418aa40c29b550fdfe3d2567a" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "32a5d00a27754895", "BOMRef": "d501d568-6a65-40dd-bafd-ed642797bdaa" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/shebang-regex/package.json", "Digest": "sha1:4c10640951d12ad418aa40c29b550fdfe3d2567a" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "287654398d2803cc", "BOMRef": "ecaac2c8-19b8-4438-af69-a77b7ca19a05" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/shebang-regex/package.json", "Digest": "sha1:4c10640951d12ad418aa40c29b550fdfe3d2567a" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "d855aed3461a81a7", "BOMRef": "525f9533-7ad2-4c60-9676-217efeb8e7f0" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/shebang-regex/package.json", "Digest": "sha1:4c10640951d12ad418aa40c29b550fdfe3d2567a" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "623cb1ac9abe036f", "BOMRef": "96d6476b-8a11-4011-8941-563cfe358853" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "a783aa5df1e22565", "BOMRef": "56dafba9-955c-4503-8fdf-a3e55bd42437" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "88cdca4e41668c0f", "BOMRef": "4cbfc83c-b6dd-4b6e-9f34-fe4c34f99198" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "76fe978a4fc21d3c", "BOMRef": "53785725-da2a-4df8-b34a-46a5c1e4ebea" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "4e71da6457c162e0", "BOMRef": "ae646f5b-fb2d-49ac-a676-286426e86456" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "67dc71b3a67465e8", "BOMRef": "28753a78-777a-48c7-8286-b1705fac9899" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/signal-exit/package.json", "Digest": "sha1:7ed47a76d7f1a65c0920cbf3d9f09c4adb9cc961" }, { "ID": "sigstore@4.1.0", "Name": "sigstore", "Identifier": { "PURL": "pkg:npm/sigstore@4.1.0", "UID": "e15cf1c19eb052f4", "BOMRef": "6a0cbbc1-d879-4dd7-b86f-1ddec25e9bdb" }, "Version": "4.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/sigstore/package.json", "Digest": "sha1:a0a695a5c6df89e050ae2802dad080b0dd66e986" }, { "ID": "sigstore@4.1.0", "Name": "sigstore", "Identifier": { "PURL": "pkg:npm/sigstore@4.1.0", "UID": "ac290e3fc4d4dfa9", "BOMRef": "1d3336f1-eb3d-497b-8b5f-194dbb573769" }, "Version": "4.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/sigstore/package.json", "Digest": "sha1:a0a695a5c6df89e050ae2802dad080b0dd66e986" }, { "ID": "smart-buffer@4.2.0", "Name": "smart-buffer", "Identifier": { "PURL": "pkg:npm/smart-buffer@4.2.0", "UID": "6e165ff0d0442ed5", "BOMRef": "57ebbd59-2ddd-4362-aae3-224b6059d9db" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/smart-buffer/package.json", "Digest": "sha1:a9db89be9421029bd73baf8199042a08253a0b59" }, { "ID": "smart-buffer@4.2.0", "Name": "smart-buffer", "Identifier": { "PURL": "pkg:npm/smart-buffer@4.2.0", "UID": "785a393382c8ce3d", "BOMRef": "5d94cf14-0343-44b7-a893-31fb7ba021f3" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/smart-buffer/package.json", "Digest": "sha1:a9db89be9421029bd73baf8199042a08253a0b59" }, { "ID": "socks@2.8.7", "Name": "socks", "Identifier": { "PURL": "pkg:npm/socks@2.8.7", "UID": "a987085e3b3065d3", "BOMRef": "f1768df2-a9d4-4275-adc9-05df54031bc8" }, "Version": "2.8.7", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/socks/package.json", "Digest": "sha1:c92d113f3614e8c725fc4de50c3312bdcde18258" }, { "ID": "socks@2.8.7", "Name": "socks", "Identifier": { "PURL": "pkg:npm/socks@2.8.7", "UID": "524ef3d4d9d42df5", "BOMRef": "dadbfbfb-f311-4698-a158-092288c0d353" }, "Version": "2.8.7", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/socks/package.json", "Digest": "sha1:c92d113f3614e8c725fc4de50c3312bdcde18258" }, { "ID": "socks-proxy-agent@8.0.5", "Name": "socks-proxy-agent", "Identifier": { "PURL": "pkg:npm/socks-proxy-agent@8.0.5", "UID": "2a3eb638666b6d96", "BOMRef": "4b962f7c-2ad5-44ca-85de-07b1e333f967" }, "Version": "8.0.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/socks-proxy-agent/package.json", "Digest": "sha1:a52f0cff949fd82f9e42d4214d2917964d7a9bdb" }, { "ID": "socks-proxy-agent@8.0.5", "Name": "socks-proxy-agent", "Identifier": { "PURL": "pkg:npm/socks-proxy-agent@8.0.5", "UID": "72c2211b0f3541b8", "BOMRef": "98b0eacd-9be9-4a5f-bd9b-5c18a50d8c5b" }, "Version": "8.0.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/socks-proxy-agent/package.json", "Digest": "sha1:a52f0cff949fd82f9e42d4214d2917964d7a9bdb" }, { "ID": "spdx-correct@3.2.0", "Name": "spdx-correct", "Identifier": { "PURL": "pkg:npm/spdx-correct@3.2.0", "UID": "3ba9fdfe827f277b", "BOMRef": "pkg:npm/spdx-correct@3.2.0" }, "Version": "3.2.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-correct/package.json", "Digest": "sha1:a7a8f7467469c676a88934b972d08c03c9a4b7b4" }, { "ID": "spdx-exceptions@2.5.0", "Name": "spdx-exceptions", "Identifier": { "PURL": "pkg:npm/spdx-exceptions@2.5.0", "UID": "83c353cb6fec27bc", "BOMRef": "197e62f6-e851-4139-a448-93626a1811b6" }, "Version": "2.5.0", "Licenses": [ "CC-BY-3.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-exceptions/package.json", "Digest": "sha1:0f731ec5551fde840e6213e20cd9fbdc53468290" }, { "ID": "spdx-exceptions@2.5.0", "Name": "spdx-exceptions", "Identifier": { "PURL": "pkg:npm/spdx-exceptions@2.5.0", "UID": "5009c4f30f6e8474", "BOMRef": "4f400770-7639-406b-8ea6-23e877fdb52e" }, "Version": "2.5.0", "Licenses": [ "CC-BY-3.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/spdx-exceptions/package.json", "Digest": "sha1:0f731ec5551fde840e6213e20cd9fbdc53468290" }, { "ID": "spdx-expression-parse@3.0.1", "Name": "spdx-expression-parse", "Identifier": { "PURL": "pkg:npm/spdx-expression-parse@3.0.1", "UID": "9b78149674c81921", "BOMRef": "61a1cc7b-d192-41aa-9503-df30dff95c7b" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-correct/node_modules/spdx-expression-parse/package.json", "Digest": "sha1:72082a3e9d4efe5a06c914b7ffa738f35b550ffb" }, { "ID": "spdx-expression-parse@3.0.1", "Name": "spdx-expression-parse", "Identifier": { "PURL": "pkg:npm/spdx-expression-parse@3.0.1", "UID": "87e64836583f3344", "BOMRef": "deaade98-4873-4d1a-bab9-7736d470dc34" }, "Version": "3.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/validate-npm-package-license/node_modules/spdx-expression-parse/package.json", "Digest": "sha1:72082a3e9d4efe5a06c914b7ffa738f35b550ffb" }, { "ID": "spdx-expression-parse@4.0.0", "Name": "spdx-expression-parse", "Identifier": { "PURL": "pkg:npm/spdx-expression-parse@4.0.0", "UID": "2203d5be0b9549bb", "BOMRef": "d04293dc-6636-42b2-88c8-003d07e4a60c" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-expression-parse/package.json", "Digest": "sha1:3f1b1059652d04327b6b0513080e242935399c30" }, { "ID": "spdx-expression-parse@4.0.0", "Name": "spdx-expression-parse", "Identifier": { "PURL": "pkg:npm/spdx-expression-parse@4.0.0", "UID": "ef5af0ecdc3f37fd", "BOMRef": "d642296e-51ae-4135-b655-039e1dc219a4" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/spdx-expression-parse/package.json", "Digest": "sha1:3f1b1059652d04327b6b0513080e242935399c30" }, { "ID": "spdx-license-ids@3.0.22", "Name": "spdx-license-ids", "Identifier": { "PURL": "pkg:npm/spdx-license-ids@3.0.22", "UID": "d85187ac58dcb6c2", "BOMRef": "pkg:npm/spdx-license-ids@3.0.22" }, "Version": "3.0.22", "Licenses": [ "CC0-1.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/spdx-license-ids/package.json", "Digest": "sha1:0c921a3dffa4e1c2bcfdf3559a7c1713090b08f2" }, { "ID": "spdx-license-ids@3.0.23", "Name": "spdx-license-ids", "Identifier": { "PURL": "pkg:npm/spdx-license-ids@3.0.23", "UID": "d92e62a152d13d4", "BOMRef": "pkg:npm/spdx-license-ids@3.0.23" }, "Version": "3.0.23", "Licenses": [ "CC0-1.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/spdx-license-ids/package.json", "Digest": "sha1:e804161e6108792db7c0d626338f51b2dcf9bf7f" }, { "ID": "ssri@13.0.0", "Name": "ssri", "Identifier": { "PURL": "pkg:npm/ssri@13.0.0", "UID": "2350f49e4e5a3dfd", "BOMRef": "pkg:npm/ssri@13.0.0" }, "Version": "13.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/ssri/package.json", "Digest": "sha1:8abdcfa076c039e1f09d3b4554b0bad0c8d31d3e" }, { "ID": "ssri@13.0.1", "Name": "ssri", "Identifier": { "PURL": "pkg:npm/ssri@13.0.1", "UID": "b3ddc6baf8f2c02f", "BOMRef": "pkg:npm/ssri@13.0.1" }, "Version": "13.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/ssri/package.json", "Digest": "sha1:c91b5cd4329cb25896064409cb45f2428e32f239" }, { "ID": "string-width@4.2.3", "Name": "string-width", "Identifier": { "PURL": "pkg:npm/string-width@4.2.3", "UID": "76122286e72dc795", "BOMRef": "pkg:npm/string-width@4.2.3" }, "Version": "4.2.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/string-width/package.json", "Digest": "sha1:a5306c15bba6cb123d9f061ca85eb56576c6638f" }, { "ID": "strip-ansi@6.0.1", "Name": "strip-ansi", "Identifier": { "PURL": "pkg:npm/strip-ansi@6.0.1", "UID": "e8e801fb7518026c", "BOMRef": "pkg:npm/strip-ansi@6.0.1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/strip-ansi/package.json", "Digest": "sha1:892d549c672831716abe655f087946d2644f2852" }, { "ID": "supports-color@10.2.2", "Name": "supports-color", "Identifier": { "PURL": "pkg:npm/supports-color@10.2.2", "UID": "ae7ddcb9e0de4de9", "BOMRef": "c41302ed-b4e3-4d78-a9c1-55ada04b6a24" }, "Version": "10.2.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/supports-color/package.json", "Digest": "sha1:ba4fdcabc29b4cd931da15c51981f96731bd1b1e" }, { "ID": "supports-color@10.2.2", "Name": "supports-color", "Identifier": { "PURL": "pkg:npm/supports-color@10.2.2", "UID": "5c68123903b46127", "BOMRef": "d722acdf-882f-447f-ae3c-f95ee1610323" }, "Version": "10.2.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/supports-color/package.json", "Digest": "sha1:ba4fdcabc29b4cd931da15c51981f96731bd1b1e" }, { "ID": "tar@7.5.8", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "cb09126b780eb55b", "BOMRef": "47d1f3a2-6f37-421f-bffc-3cf9ff59b3b1" }, "Version": "7.5.8", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/package.json", "Digest": "sha1:bb602d72821b219f56ca9ded25a2899712ec7b75" }, { "ID": "tar@7.5.8", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "c9c635b87eb6b158", "BOMRef": "d6491a35-30e0-418b-9eec-76bade4b96a9" }, "Version": "7.5.8", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/package.json", "Digest": "sha1:bb602d72821b219f56ca9ded25a2899712ec7b75" }, { "ID": "tar@7.5.8", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "8e62226f25c31969", "BOMRef": "d9e9bc85-8e13-4fc4-a429-d9305b0c3422" }, "Version": "7.5.8", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/package.json", "Digest": "sha1:bb602d72821b219f56ca9ded25a2899712ec7b75" }, { "ID": "tar@7.5.8", "Name": "tar", "Identifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "87766a791eb2435b", "BOMRef": "bb7c647b-f40a-4075-9833-df91de475bb8" }, "Version": "7.5.8", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/package.json", "Digest": "sha1:bb602d72821b219f56ca9ded25a2899712ec7b75" }, { "ID": "text-table@0.2.0", "Name": "text-table", "Identifier": { "PURL": "pkg:npm/text-table@0.2.0", "UID": "acd058231f012303", "BOMRef": "c25cd85f-66d4-4950-b2e1-2f8f5f5c475b" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/text-table/package.json", "Digest": "sha1:f63faee888ad065881dff49fc3e3de8ac57b2ae2" }, { "ID": "text-table@0.2.0", "Name": "text-table", "Identifier": { "PURL": "pkg:npm/text-table@0.2.0", "UID": "ffa11ae5248e02c2", "BOMRef": "c505d2ae-c020-49e6-bec5-3898ed4f2fa7" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/text-table/package.json", "Digest": "sha1:f63faee888ad065881dff49fc3e3de8ac57b2ae2" }, { "ID": "tiny-relative-date@2.0.2", "Name": "tiny-relative-date", "Identifier": { "PURL": "pkg:npm/tiny-relative-date@2.0.2", "UID": "3df27ff5037b044a", "BOMRef": "bedd456f-bea8-4d78-8831-64b89fbc0a25" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tiny-relative-date/package.json", "Digest": "sha1:120561f313d4901b1dc03b2594ecc45cfe2ad550" }, { "ID": "tiny-relative-date@2.0.2", "Name": "tiny-relative-date", "Identifier": { "PURL": "pkg:npm/tiny-relative-date@2.0.2", "UID": "5683dac1a47acab5", "BOMRef": "a3d610c3-3cc5-4eae-b92f-45eebda009c4" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tiny-relative-date/package.json", "Digest": "sha1:120561f313d4901b1dc03b2594ecc45cfe2ad550" }, { "ID": "tinyglobby@0.2.15", "Name": "tinyglobby", "Identifier": { "PURL": "pkg:npm/tinyglobby@0.2.15", "UID": "13ff155828c39f50", "BOMRef": "02c8ee4c-bcba-4676-b6b1-15ca03c3d744" }, "Version": "0.2.15", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/package.json", "Digest": "sha1:811354c5cc4a6c4f64899ed3fcd9f91a7a36e857" }, { "ID": "tinyglobby@0.2.15", "Name": "tinyglobby", "Identifier": { "PURL": "pkg:npm/tinyglobby@0.2.15", "UID": "cce862fc929fe35f", "BOMRef": "fe13be53-d18f-4dcf-a19d-67c83e1af8d7" }, "Version": "0.2.15", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/package.json", "Digest": "sha1:811354c5cc4a6c4f64899ed3fcd9f91a7a36e857" }, { "ID": "treeverse@3.0.0", "Name": "treeverse", "Identifier": { "PURL": "pkg:npm/treeverse@3.0.0", "UID": "35e5aab4dfa5e86c", "BOMRef": "3a091ed8-8a2f-433c-8bbf-5a5f4326ba9e" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/treeverse/package.json", "Digest": "sha1:83653dcf5b0c581f485febcbeb9152176632bed0" }, { "ID": "treeverse@3.0.0", "Name": "treeverse", "Identifier": { "PURL": "pkg:npm/treeverse@3.0.0", "UID": "2b8c18888b8763ff", "BOMRef": "948e6432-b979-4545-ad7c-9313e07a0fcf" }, "Version": "3.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/treeverse/package.json", "Digest": "sha1:83653dcf5b0c581f485febcbeb9152176632bed0" }, { "ID": "tuf-js@4.1.0", "Name": "tuf-js", "Identifier": { "PURL": "pkg:npm/tuf-js@4.1.0", "UID": "319c4d7ca52d2463", "BOMRef": "695a23d0-e644-4e60-abb7-bf460b111368" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tuf-js/package.json", "Digest": "sha1:43aa062b744de4a123e714337d05adaa483ceed1" }, { "ID": "tuf-js@4.1.0", "Name": "tuf-js", "Identifier": { "PURL": "pkg:npm/tuf-js@4.1.0", "UID": "b9d6948758df9c13", "BOMRef": "a25acb57-8fa0-49be-82ef-4aa65e3ad3d9" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tuf-js/package.json", "Digest": "sha1:43aa062b744de4a123e714337d05adaa483ceed1" }, { "ID": "unique-filename@5.0.0", "Name": "unique-filename", "Identifier": { "PURL": "pkg:npm/unique-filename@5.0.0", "UID": "f712f31521f2d7b9", "BOMRef": "706025f8-4377-4fe1-9bb0-94413be74094" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/unique-filename/package.json", "Digest": "sha1:6450c655c66643d252cdc98fc3c413fda26dfeee" }, { "ID": "unique-filename@5.0.0", "Name": "unique-filename", "Identifier": { "PURL": "pkg:npm/unique-filename@5.0.0", "UID": "aef89fc8797d93c3", "BOMRef": "018a6ea4-bec8-4712-94bd-77dceb336d0a" }, "Version": "5.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/unique-filename/package.json", "Digest": "sha1:6450c655c66643d252cdc98fc3c413fda26dfeee" }, { "ID": "unique-slug@6.0.0", "Name": "unique-slug", "Identifier": { "PURL": "pkg:npm/unique-slug@6.0.0", "UID": "d63aaeaabaa05290", "BOMRef": "22d03357-361c-4855-9a15-34cd4af783ad" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/unique-slug/package.json", "Digest": "sha1:8e5c78d6e2c33153024c55a1d4d1730592e3915c" }, { "ID": "unique-slug@6.0.0", "Name": "unique-slug", "Identifier": { "PURL": "pkg:npm/unique-slug@6.0.0", "UID": "820f9d57b963ac8d", "BOMRef": "82ad534e-faee-4cde-bf01-786327ca6bda" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/unique-slug/package.json", "Digest": "sha1:8e5c78d6e2c33153024c55a1d4d1730592e3915c" }, { "ID": "util-deprecate@1.0.2", "Name": "util-deprecate", "Identifier": { "PURL": "pkg:npm/util-deprecate@1.0.2", "UID": "a657b7b337dccf1d", "BOMRef": "1a4a710a-e598-4cae-a40f-6d304d5cd243" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/util-deprecate/package.json", "Digest": "sha1:2e69081e7bab6e09d3dcfd680716fdeea577431d" }, { "ID": "util-deprecate@1.0.2", "Name": "util-deprecate", "Identifier": { "PURL": "pkg:npm/util-deprecate@1.0.2", "UID": "a1ac3a03e6cf458c", "BOMRef": "1694de4e-fbe5-4eaa-9960-b00aa1c296b6" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/util-deprecate/package.json", "Digest": "sha1:2e69081e7bab6e09d3dcfd680716fdeea577431d" }, { "ID": "validate-npm-package-license@3.0.4", "Name": "validate-npm-package-license", "Identifier": { "PURL": "pkg:npm/validate-npm-package-license@3.0.4", "UID": "50c757731154fe0f", "BOMRef": "pkg:npm/validate-npm-package-license@3.0.4" }, "Version": "3.0.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/validate-npm-package-license/package.json", "Digest": "sha1:a938b65349aed1eb3852d98dc1a8431209faf99f" }, { "ID": "validate-npm-package-name@7.0.2", "Name": "validate-npm-package-name", "Identifier": { "PURL": "pkg:npm/validate-npm-package-name@7.0.2", "UID": "75424aa0bdaf2a6c", "BOMRef": "5e37afd6-abaf-452c-a077-c73262e122b8" }, "Version": "7.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/validate-npm-package-name/package.json", "Digest": "sha1:38514b39ec296f38677d2be6f15d799756de778e" }, { "ID": "validate-npm-package-name@7.0.2", "Name": "validate-npm-package-name", "Identifier": { "PURL": "pkg:npm/validate-npm-package-name@7.0.2", "UID": "54181bfe1c4b8630", "BOMRef": "5ca646b6-7f35-4066-8c2b-165b2490e8a4" }, "Version": "7.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/validate-npm-package-name/package.json", "Digest": "sha1:38514b39ec296f38677d2be6f15d799756de778e" }, { "ID": "walk-up-path@4.0.0", "Name": "walk-up-path", "Identifier": { "PURL": "pkg:npm/walk-up-path@4.0.0", "UID": "1f1786c8c7c0f923", "BOMRef": "7bb01a94-b3c0-478c-af52-79f24e81e802" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/walk-up-path/package.json", "Digest": "sha1:5d1d771c0f7a60316cd0d039f38a9e6ce3b08b44" }, { "ID": "walk-up-path@4.0.0", "Name": "walk-up-path", "Identifier": { "PURL": "pkg:npm/walk-up-path@4.0.0", "UID": "943e30867dbbc5e3", "BOMRef": "bfdd59c2-a6a8-4bde-95b8-0fa14fbbce68" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/walk-up-path/package.json", "Digest": "sha1:5d1d771c0f7a60316cd0d039f38a9e6ce3b08b44" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "1ea75bc641ab1b49", "BOMRef": "af0e5b55-7e46-404b-86c0-f05f994c60a8" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/glob/node_modules/which/package.json", "Digest": "sha1:402837c5ba60f95b309957adc4657b8fe4fb1f05" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "9b145340c4a6dbf7", "BOMRef": "2f79d1aa-8699-4237-9084-183fcffc813e" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/glob/node_modules/which/package.json", "Digest": "sha1:402837c5ba60f95b309957adc4657b8fe4fb1f05" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "982e4f400d2f4bb0", "BOMRef": "134f2f73-b621-43fb-bd63-620b821ff89a" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/glob/node_modules/which/package.json", "Digest": "sha1:402837c5ba60f95b309957adc4657b8fe4fb1f05" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "fa9e4f6f86508218", "BOMRef": "a8d15305-51b3-4426-99cb-9e3b1a2d73c2" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/glob/node_modules/which/package.json", "Digest": "sha1:402837c5ba60f95b309957adc4657b8fe4fb1f05" }, { "ID": "which@6.0.0", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@6.0.0", "UID": "e7ede7c14f916bc7", "BOMRef": "pkg:npm/which@6.0.0" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/which/package.json", "Digest": "sha1:cb8b0157735e34c3257f5f246186bc73c4541924" }, { "ID": "which@6.0.1", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@6.0.1", "UID": "3a48311b7633f249", "BOMRef": "pkg:npm/which@6.0.1" }, "Version": "6.0.1", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/which/package.json", "Digest": "sha1:a4c4ac6aa9af226fc930104916a5f7cfd26f230c" }, { "ID": "write-file-atomic@7.0.0", "Name": "write-file-atomic", "Identifier": { "PURL": "pkg:npm/write-file-atomic@7.0.0", "UID": "593090254f010d00", "BOMRef": "14e04385-7f80-464f-8ce7-170bd854e491" }, "Version": "7.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/write-file-atomic/package.json", "Digest": "sha1:a38060379c27d419714e1e0d4f9397aa3ca9a238" }, { "ID": "write-file-atomic@7.0.0", "Name": "write-file-atomic", "Identifier": { "PURL": "pkg:npm/write-file-atomic@7.0.0", "UID": "c1c95600502d0946", "BOMRef": "dc6f513f-8c5a-4706-b82c-3ab887e9bacf" }, "Version": "7.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/write-file-atomic/package.json", "Digest": "sha1:a38060379c27d419714e1e0d4f9397aa3ca9a238" }, { "ID": "yallist@4.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@4.0.0", "UID": "c98fb59ba51baad9", "BOMRef": "aafc06fb-52df-49a9-8c31-0b220e9a8369" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/yallist/package.json", "Digest": "sha1:d6a16b480cbd582f969b3d0ed89a157316268d10" }, { "ID": "yallist@4.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@4.0.0", "UID": "b4d213672566426d", "BOMRef": "3619e848-3513-4275-87fe-6a82a47aaaa7" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-flush/node_modules/yallist/package.json", "Digest": "sha1:d6a16b480cbd582f969b3d0ed89a157316268d10" }, { "ID": "yallist@4.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@4.0.0", "UID": "51f892be20b621c1", "BOMRef": "bd5e7547-ba49-4da7-bd6d-a9d819a796a0" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/minipass-pipeline/node_modules/yallist/package.json", "Digest": "sha1:d6a16b480cbd582f969b3d0ed89a157316268d10" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "459c89b365afe81b", "BOMRef": "38e26c37-6b0b-4b52-ad5e-fda587c48226" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "FilePath": "usr/lib/node_modules/npm/node_modules/tar/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "cbfef22178eff39e", "BOMRef": "98c241ae-9416-44ac-97c4-607228bd540d" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "ba30a629725f741b", "BOMRef": "05e4f489-4ca7-42c8-aa13-d1c6303f1e25" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/tar/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "6c78ff5c0c2bb7fc", "BOMRef": "d9b4b258-d9ab-4d76-90d5-7260379b13b9" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/npm/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" }, { "ID": "yallist@5.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@5.0.0", "UID": "f04cd11b8af507a4", "BOMRef": "d5ff3bb0-bba9-491c-b0ae-dd132573f837" }, "Version": "5.0.0", "Licenses": [ "BlueOak-1.0.0" ], "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "FilePath": "usr/local/lib/node_modules/tar/node_modules/yallist/package.json", "Digest": "sha1:4eaebb818148fd3bcc27e1aef2d88497999f675e" } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "8d010b68b10821ff", "BOMRef": "889a6a78-26b1-43b1-b1c4-061b7c2bbbe9" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "8f97d6c64db34f94", "BOMRef": "18a69e30-41b2-4314-8503-810271bc2154" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/local/lib/node_modules/minimatch/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "d50df2b5ea56b90a", "BOMRef": "fe999b78-d036-4c0d-9f6c-74ab0d3b476f" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "35206c15b2ba421b", "BOMRef": "8ad76ae5-4cd4-4157-b8a0-02ae61c45e4f" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-33750", "VendorIDs": [ "GHSA-f886-m6hf-6m8v" ], "PkgID": "brace-expansion@5.0.3", "PkgName": "brace-expansion", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/minimatch/node_modules/brace-expansion/package.json", "PkgIdentifier": { "PURL": "pkg:npm/brace-expansion@5.0.3", "UID": "b27799da299514df", "BOMRef": "bd2aca29-90ef-4482-b849-2d2daac8e6de" }, "InstalledVersion": "5.0.3", "FixedVersion": "5.0.5, 3.0.2, 2.0.3, 1.1.13", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33750", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bc6d74f3fd2c8de8e8b4486c9731a02fb6737bcbc1f511db5d8216f75d4c91a9", "Title": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "Description": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33750", "https://github.com/juliangruber/brace-expansion", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "https://github.com/juliangruber/brace-expansion/issues/98", "https://github.com/juliangruber/brace-expansion/pull/95", "https://github.com/juliangruber/brace-expansion/pull/96", "https://github.com/juliangruber/brace-expansion/pull/97", "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "https://nvd.nist.gov/vuln/detail/CVE-2026-33750", "https://www.cve.org/CVERecord?id=CVE-2026-33750" ], "PublishedDate": "2026-03-27T15:16:57.297Z", "LastModifiedDate": "2026-03-30T13:26:29.793Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "48c7ab9072454134", "BOMRef": "b1357501-4833-4245-87d9-ea15030b4ed4" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f09c0ffa451c17234005611833eb09752dbbf4c2eaf9e4fd3db9d2e90423b66", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "e67583dd5fc89bf9", "BOMRef": "0c1707c6-cd50-4e2a-b847-3908a006d33f" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f09c0ffa451c17234005611833eb09752dbbf4c2eaf9e4fd3db9d2e90423b66", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/local/lib/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "10eab60ef14b8f31", "BOMRef": "16275ffb-2464-4768-8e84-3e36f33b60d1" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f09c0ffa451c17234005611833eb09752dbbf4c2eaf9e4fd3db9d2e90423b66", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27903", "VendorIDs": [ "GHSA-7r86-cg39-jmmj" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "45fa7235f3e3e4d5", "BOMRef": "87350ab8-ae97-4853-af61-810863b88ec6" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27903", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f09c0ffa451c17234005611833eb09752dbbf4c2eaf9e4fd3db9d2e90423b66", "Title": "minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3, `matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior. Any application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.3 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27903", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "https://www.cve.org/CVERecord?id=CVE-2026-27903" ], "PublishedDate": "2026-02-26T02:16:21.353Z", "LastModifiedDate": "2026-02-27T17:21:22.37Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "48c7ab9072454134", "BOMRef": "b1357501-4833-4245-87d9-ea15030b4ed4" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ca62c33b81d14a226b0916a70eb28284f62ec819be3ef938d37f750d0112d6de", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "e67583dd5fc89bf9", "BOMRef": "0c1707c6-cd50-4e2a-b847-3908a006d33f" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ca62c33b81d14a226b0916a70eb28284f62ec819be3ef938d37f750d0112d6de", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/local/lib/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "10eab60ef14b8f31", "BOMRef": "16275ffb-2464-4768-8e84-3e36f33b60d1" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ca62c33b81d14a226b0916a70eb28284f62ec819be3ef938d37f750d0112d6de", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-27904", "VendorIDs": [ "GHSA-23c5-xmqv-rm74" ], "PkgID": "minimatch@10.2.1", "PkgName": "minimatch", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/minimatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/minimatch@10.2.1", "UID": "45fa7235f3e3e4d5", "BOMRef": "87350ab8-ae97-4853-af61-810863b88ec6" }, "InstalledVersion": "10.2.1", "FixedVersion": "10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27904", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ca62c33b81d14a226b0916a70eb28284f62ec819be3ef938d37f750d0112d6de", "Title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions", "Description": "minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Prior to version 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4, nested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally. Versions 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, and 3.1.4 fix the issue.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27904", "https://github.com/isaacs/minimatch", "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "https://www.cve.org/CVERecord?id=CVE-2026-27904" ], "PublishedDate": "2026-02-26T02:16:21.76Z", "LastModifiedDate": "2026-02-27T17:16:23.773Z" }, { "VulnerabilityID": "CVE-2026-33671", "VendorIDs": [ "GHSA-c2c7-rcm5-vvqj" ], "PkgID": "picomatch@4.0.3", "PkgName": "picomatch", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "da462ee96f111c17", "BOMRef": "2e7e48e2-e806-4deb-b8b7-0091b5a3cc2b" }, "InstalledVersion": "4.0.3", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:207ad269915973ca2f23d010cda47be6c0642612083c33e920cc47d603f2821d", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33671", "VendorIDs": [ "GHSA-c2c7-rcm5-vvqj" ], "PkgID": "picomatch@4.0.3", "PkgName": "picomatch", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "37ffd1e47bf3016", "BOMRef": "05223e2c-dfc1-4136-8057-f234c898c2b4" }, "InstalledVersion": "4.0.3", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33671", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:207ad269915973ca2f23d010cda47be6c0642612083c33e920cc47d603f2821d", "Title": "picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Applications are impacted when they allow untrusted users to supply glob patterns that are passed to `picomatch` for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to `picomatch`. Possible mitigations include disabling extglob support for untrusted patterns by using `noextglob: true`, rejecting or sanitizing patterns containing nested extglobs or extglob quantifiers such as `+()` and `*()`, enforcing strict allowlists for accepted pattern syntax, running matching in an isolated worker or separate process with time and resource limits, and applying application-level request throttling and input validation for any endpoint that accepts glob patterns.", "Severity": "HIGH", "CweIDs": [ "CWE-1333" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33671", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d", "https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj", "https://nvd.nist.gov/vuln/detail/CVE-2026-33671", "https://www.cve.org/CVERecord?id=CVE-2026-33671" ], "PublishedDate": "2026-03-26T22:16:30.21Z", "LastModifiedDate": "2026-04-01T13:45:11.687Z" }, { "VulnerabilityID": "CVE-2026-33672", "VendorIDs": [ "GHSA-3v7f-55p6-f55p" ], "PkgID": "picomatch@4.0.3", "PkgName": "picomatch", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "da462ee96f111c17", "BOMRef": "2e7e48e2-e806-4deb-b8b7-0091b5a3cc2b" }, "InstalledVersion": "4.0.3", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:2f6677f54143717bdb7617fbb22baa2470965a5f811541d2db8e4696d970e0cc", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-33672", "VendorIDs": [ "GHSA-3v7f-55p6-f55p" ], "PkgID": "picomatch@4.0.3", "PkgName": "picomatch", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/tinyglobby/node_modules/picomatch/package.json", "PkgIdentifier": { "PURL": "pkg:npm/picomatch@4.0.3", "UID": "37ffd1e47bf3016", "BOMRef": "05223e2c-dfc1-4136-8057-f234c898c2b4" }, "InstalledVersion": "4.0.3", "FixedVersion": "4.0.4, 3.0.2, 2.3.2", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33672", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:2f6677f54143717bdb7617fbb22baa2470965a5f811541d2db8e4696d970e0cc", "Title": "picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions", "Description": "Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to a method injection vulnerability affecting the `POSIX_REGEX_SOURCE` object. Because the object inherits from `Object.prototype`, specially crafted POSIX bracket expressions (e.g., `[[:constructor:]]`) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression. This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control. All users of affected `picomatch` versions that process untrusted or user-controlled glob patterns are potentially impacted. This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2. Users should upgrade to one of these versions or later, depending on their supported release line. If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch. Possible mitigations include sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like `[[:...:]]`; avoiding the use of POSIX bracket expressions if user input is involved; and manually patching the library by modifying `POSIX_REGEX_SOURCE` to use a null prototype.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1321" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33672", "https://github.com/micromatch/picomatch", "https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903", "https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p", "https://nvd.nist.gov/vuln/detail/CVE-2026-33672", "https://www.cve.org/CVERecord?id=CVE-2026-33672" ], "PublishedDate": "2026-03-26T22:16:30.387Z", "LastModifiedDate": "2026-04-01T13:44:53.397Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "cb09126b780eb55b", "BOMRef": "47d1f3a2-6f37-421f-bffc-3cf9ff59b3b1" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a32a685b3c99e3c60160512ee033e7114abb1f2aab969320b49f883d4b7b3e70", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "c9c635b87eb6b158", "BOMRef": "d6491a35-30e0-418b-9eec-76bade4b96a9" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a32a685b3c99e3c60160512ee033e7114abb1f2aab969320b49f883d4b7b3e70", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "8e62226f25c31969", "BOMRef": "d9e9bc85-8e13-4fc4-a429-d9305b0c3422" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a32a685b3c99e3c60160512ee033e7114abb1f2aab969320b49f883d4b7b3e70", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-29786", "VendorIDs": [ "GHSA-qffp-2rhf-9h96" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/local/lib/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "87766a791eb2435b", "BOMRef": "bb7c647b-f40a-4075-9833-df91de475bb8" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.10", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29786", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:a32a685b3c99e3c60160512ee033e7114abb1f2aab969320b49f883d4b7b3e70", "Title": "node-tar: hardlink path traversal via drive-relative linkpath", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.", "Severity": "HIGH", "CweIDs": [ "CWE-22", "CWE-59" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 2, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "V3Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "V3Score": 8.6 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29786", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f", "https://github.com/isaacs/node-tar/security/advisories/GHSA-qffp-2rhf-9h96", "https://nvd.nist.gov/vuln/detail/CVE-2026-29786", "https://www.cve.org/CVERecord?id=CVE-2026-29786" ], "PublishedDate": "2026-03-07T16:15:55.587Z", "LastModifiedDate": "2026-03-11T21:50:01.91Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "cb09126b780eb55b", "BOMRef": "47d1f3a2-6f37-421f-bffc-3cf9ff59b3b1" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:443250536aea707f26425b77c60bb9440b39b1d77b29d3d972bcc576ef35e860", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/lib/python3.13/site-packages/nodejs_wheel/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "c9c635b87eb6b158", "BOMRef": "d6491a35-30e0-418b-9eec-76bade4b96a9" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:3b7603f0f050d11d0c9334eb2879e2933fa9f2f1c54bd27bb8488dcc97fc43f3", "DiffID": "sha256:0b133dfab8c313f4f128c40243d1d80e6cb968ea0c23d883190a6352769e3fbe" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:443250536aea707f26425b77c60bb9440b39b1d77b29d3d972bcc576ef35e860", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/local/lib/node_modules/npm/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "8e62226f25c31969", "BOMRef": "d9e9bc85-8e13-4fc4-a429-d9305b0c3422" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:443250536aea707f26425b77c60bb9440b39b1d77b29d3d972bcc576ef35e860", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" }, { "VulnerabilityID": "CVE-2026-31802", "VendorIDs": [ "GHSA-9ppj-qmqm-q256" ], "PkgID": "tar@7.5.8", "PkgName": "tar", "PkgPath": "usr/local/lib/node_modules/tar/package.json", "PkgIdentifier": { "PURL": "pkg:npm/tar@7.5.8", "UID": "87766a791eb2435b", "BOMRef": "bb7c647b-f40a-4075-9833-df91de475bb8" }, "InstalledVersion": "7.5.8", "FixedVersion": "7.5.11", "Status": "fixed", "Layer": { "Digest": "sha256:b3577fb4084ad5d275c4fadf4d4568cc448c226eaa223a1c0d1a398a1049d7fb", "DiffID": "sha256:6dd8afd9a5defee16b293c9a7a2abc845af25ce56cb885d6a31f8932a68221a1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31802", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:443250536aea707f26425b77c60bb9440b39b1d77b29d3d972bcc576ef35e860", "Title": "tar: tar: File overwrite via drive-relative symlink traversal", "Description": "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.", "Severity": "HIGH", "CweIDs": [ "CWE-22" ], "VendorSeverity": { "ghsa": 3, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N", "V40Score": 8.2 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31802", "https://github.com/isaacs/node-tar", "https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad", "https://github.com/isaacs/node-tar/security/advisories/GHSA-9ppj-qmqm-q256", "https://nvd.nist.gov/vuln/detail/CVE-2026-31802", "https://www.cve.org/CVERecord?id=CVE-2026-31802" ], "PublishedDate": "2026-03-10T07:44:58.02Z", "LastModifiedDate": "2026-03-18T18:13:34.703Z" } ] }, { "Target": "Python", "Class": "lang-pkgs", "Type": "python-pkg", "Packages": [ { "ID": "APScheduler@3.10.4", "Name": "APScheduler", "Identifier": { "PURL": "pkg:pypi/apscheduler@3.10.4", "UID": "96c046febd645752", "BOMRef": "pkg:pypi/apscheduler@3.10.4" }, "Version": "3.10.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/APScheduler-3.10.4.dist-info/METADATA", "Digest": "sha1:3c645283c329748c21fee30a0a21ea492988d52f" }, { "ID": "Deprecated@1.3.1", "Name": "Deprecated", "Identifier": { "PURL": "pkg:pypi/deprecated@1.3.1", "UID": "84c499d23752f986", "BOMRef": "pkg:pypi/deprecated@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/deprecated-1.3.1.dist-info/METADATA", "Digest": "sha1:109990e0106e9872d6bf3486d1fa574730d1c717" }, { "ID": "Jinja2@3.1.6", "Name": "Jinja2", "Identifier": { "PURL": "pkg:pypi/jinja2@3.1.6", "UID": "da434f11b1babf59", "BOMRef": "pkg:pypi/jinja2@3.1.6" }, "Version": "3.1.6", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/jinja2-3.1.6.dist-info/METADATA", "Digest": "sha1:01c4dcfd579104dd8f5b937e1511e9371b4367d3" }, { "ID": "MarkupSafe@3.0.3", "Name": "MarkupSafe", "Identifier": { "PURL": "pkg:pypi/markupsafe@3.0.3", "UID": "698af619ba71d876", "BOMRef": "pkg:pypi/markupsafe@3.0.3" }, "Version": "3.0.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/markupsafe-3.0.3.dist-info/METADATA", "Digest": "sha1:8ada20dd783a9961d87701f2cd25b0880f23993e" }, { "ID": "PyJWT@2.10.1", "Name": "PyJWT", "Identifier": { "PURL": "pkg:pypi/pyjwt@2.10.1", "UID": "d2b420b0f161d193", "BOMRef": "pkg:pypi/pyjwt@2.10.1" }, "Version": "2.10.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/PyJWT-2.10.1.dist-info/METADATA", "Digest": "sha1:9b853963468881a7cc9764160e5e44401f888dae" }, { "ID": "PyNaCl@1.6.2", "Name": "PyNaCl", "Identifier": { "PURL": "pkg:pypi/pynacl@1.6.2", "UID": "9d4297d182ebdd5e", "BOMRef": "pkg:pypi/pynacl@1.6.2" }, "Version": "1.6.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pynacl-1.6.2.dist-info/METADATA", "Digest": "sha1:51eed4f0f5e4d39bc532c4157c5a3982308b842c" }, { "ID": "PyYAML@6.0.2", "Name": "PyYAML", "Identifier": { "PURL": "pkg:pypi/pyyaml@6.0.2", "UID": "80b41b4db95cc909", "BOMRef": "pkg:pypi/pyyaml@6.0.2" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/PyYAML-6.0.2.dist-info/METADATA", "Digest": "sha1:019874e22eba3861f59a9ab72f17f58e8b504cf4" }, { "ID": "Pygments@2.19.2", "Name": "Pygments", "Identifier": { "PURL": "pkg:pypi/pygments@2.19.2", "UID": "285e5a33a4ff058d", "BOMRef": "pkg:pypi/pygments@2.19.2" }, "Version": "2.19.2", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pygments-2.19.2.dist-info/METADATA", "Digest": "sha1:afee6b8cae57db32719d0559389750d7923f0605" }, { "ID": "Werkzeug@3.1.6", "Name": "Werkzeug", "Identifier": { "PURL": "pkg:pypi/werkzeug@3.1.6", "UID": "5d2e4d7640f90cd5", "BOMRef": "pkg:pypi/werkzeug@3.1.6" }, "Version": "3.1.6", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/werkzeug-3.1.6.dist-info/METADATA", "Digest": "sha1:009a319320a3a8823025adcbb66babf581a30e3e" }, { "ID": "a2a-sdk@0.3.24", "Name": "a2a-sdk", "Identifier": { "PURL": "pkg:pypi/a2a-sdk@0.3.24", "UID": "3f828335cec172f1", "BOMRef": "pkg:pypi/a2a-sdk@0.3.24" }, "Version": "0.3.24", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/a2a_sdk-0.3.24.dist-info/METADATA", "Digest": "sha1:84b66f1657f33e3448649e936ca3d127225232bf" }, { "ID": "aioboto3@15.5.0", "Name": "aioboto3", "Identifier": { "PURL": "pkg:pypi/aioboto3@15.5.0", "UID": "1229036f2673a321", "BOMRef": "pkg:pypi/aioboto3@15.5.0" }, "Version": "15.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/aioboto3-15.5.0.dist-info/METADATA", "Digest": "sha1:ffd08838a16b51a1cb1807dde93c8b0f990244f5" }, { "ID": "aiobotocore@2.25.1", "Name": "aiobotocore", "Identifier": { "PURL": "pkg:pypi/aiobotocore@2.25.1", "UID": "e10193a37562ea4e", "BOMRef": "pkg:pypi/aiobotocore@2.25.1" }, "Version": "2.25.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/aiobotocore-2.25.1.dist-info/METADATA", "Digest": "sha1:ba7a88ae15a977227d960e17f3cbdb740f04fbfe" }, { "ID": "aiofiles@24.1.0", "Name": "aiofiles", "Identifier": { "PURL": "pkg:pypi/aiofiles@24.1.0", "UID": "ef0faf0786097703", "BOMRef": "pkg:pypi/aiofiles@24.1.0" }, "Version": "24.1.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:174ab832cebc501ed4bca4f443eeea3b152616b2e8f3f874909638de0ce88d3b", "DiffID": "sha256:49c40e11224bf3f8b3768d4680a9a3e8cf8b41452345b944b2712a0d8c439d76" }, "FilePath": "usr/lib/python3.13/site-packages/aiofiles-24.1.0.dist-info/METADATA", "Digest": "sha1:1fee4c4fef706c9737b9ce8e245bbd8dae4e4d16" }, { "ID": "aiohappyeyeballs@2.6.1", "Name": "aiohappyeyeballs", "Identifier": { "PURL": "pkg:pypi/aiohappyeyeballs@2.6.1", "UID": "b6a8f30f6da79604", "BOMRef": "pkg:pypi/aiohappyeyeballs@2.6.1" }, "Version": "2.6.1", "Licenses": [ "Python-Software-Foundation-License" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/aiohappyeyeballs-2.6.1.dist-info/METADATA", "Digest": "sha1:01343f4e8b1584084c09e049bd83675272d9e757" }, { "ID": "aiohttp@3.13.3", "Name": "aiohttp", "Identifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "Version": "3.13.3", "Licenses": [ "Apache-2.0 AND MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "Digest": "sha1:63d65762ed8ded0c65362a1b04e4245d6ab9f170" }, { "ID": "aioitertools@0.13.0", "Name": "aioitertools", "Identifier": { "PURL": "pkg:pypi/aioitertools@0.13.0", "UID": "c2d7c4c9a6b6f779", "BOMRef": "pkg:pypi/aioitertools@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/aioitertools-0.13.0.dist-info/METADATA", "Digest": "sha1:110d571c90f132b20fc32b46c28c3c95b1c7aa94" }, { "ID": "aiosignal@1.4.0", "Name": "aiosignal", "Identifier": { "PURL": "pkg:pypi/aiosignal@1.4.0", "UID": "e5c3dae75a43a8dc", "BOMRef": "pkg:pypi/aiosignal@1.4.0" }, "Version": "1.4.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/aiosignal-1.4.0.dist-info/METADATA", "Digest": "sha1:8752e41cfbbc924405ef6bf9a9ff761cb9a6dbe3" }, { "ID": "annotated-doc@0.0.4", "Name": "annotated-doc", "Identifier": { "PURL": "pkg:pypi/annotated-doc@0.0.4", "UID": "c0256493aa7c5a68", "BOMRef": "pkg:pypi/annotated-doc@0.0.4" }, "Version": "0.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/annotated_doc-0.0.4.dist-info/METADATA", "Digest": "sha1:24d32962e4742a901653d9fe5563c40221ddc6fa" }, { "ID": "annotated-types@0.7.0", "Name": "annotated-types", "Identifier": { "PURL": "pkg:pypi/annotated-types@0.7.0", "UID": "5e42799e93bd86ae", "BOMRef": "pkg:pypi/annotated-types@0.7.0" }, "Version": "0.7.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/annotated_types-0.7.0.dist-info/METADATA", "Digest": "sha1:b11011181822ac765c9f66c8aa42c26952de6a96" }, { "ID": "anthropic@0.54.0", "Name": "anthropic", "Identifier": { "PURL": "pkg:pypi/anthropic@0.54.0", "UID": "85684eb0669a1959", "BOMRef": "pkg:pypi/anthropic@0.54.0" }, "Version": "0.54.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/anthropic-0.54.0.dist-info/METADATA", "Digest": "sha1:7f700d1b4730958f468871fb28a2f4d416f8ed20" }, { "ID": "anyio@4.8.0", "Name": "anyio", "Identifier": { "PURL": "pkg:pypi/anyio@4.8.0", "UID": "753ab404a3cb777d", "BOMRef": "pkg:pypi/anyio@4.8.0" }, "Version": "4.8.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/anyio-4.8.0.dist-info/METADATA", "Digest": "sha1:12b3a6bb5ce68bac1fe5abd01d80d367c0688db2" }, { "ID": "async-generator@1.10", "Name": "async-generator", "Identifier": { "PURL": "pkg:pypi/async-generator@1.10", "UID": "59a87e49ebb59df9", "BOMRef": "pkg:pypi/async-generator@1.10" }, "Version": "1.10", "Licenses": [ "MIT", "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/async_generator-1.10.dist-info/METADATA", "Digest": "sha1:f4fa19d3f3bef3e3604acc54b00e8b8c50ad31c0" }, { "ID": "attrs@25.4.0", "Name": "attrs", "Identifier": { "PURL": "pkg:pypi/attrs@25.4.0", "UID": "e5e9a9be1f0d6ba0", "BOMRef": "pkg:pypi/attrs@25.4.0" }, "Version": "25.4.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/attrs-25.4.0.dist-info/METADATA", "Digest": "sha1:9e593ab8f12d14d819a81ca9c41b9df0b4864a59" }, { "ID": "aurelio-sdk@0.0.19", "Name": "aurelio-sdk", "Identifier": { "PURL": "pkg:pypi/aurelio-sdk@0.0.19", "UID": "58d75b302758e2ea", "BOMRef": "pkg:pypi/aurelio-sdk@0.0.19" }, "Version": "0.0.19", "Layer": { "Digest": "sha256:174ab832cebc501ed4bca4f443eeea3b152616b2e8f3f874909638de0ce88d3b", "DiffID": "sha256:49c40e11224bf3f8b3768d4680a9a3e8cf8b41452345b944b2712a0d8c439d76" }, "FilePath": "usr/lib/python3.13/site-packages/aurelio_sdk-0.0.19.dist-info/METADATA", "Digest": "sha1:bfe4c91a1633b0aa53f4fd1c5bd9f0e22eedfb7a" }, { "ID": "azure-ai-contentsafety@1.0.0", "Name": "azure-ai-contentsafety", "Identifier": { "PURL": "pkg:pypi/azure-ai-contentsafety@1.0.0", "UID": "b8bf77136b36c8c5", "BOMRef": "pkg:pypi/azure-ai-contentsafety@1.0.0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_ai_contentsafety-1.0.0.dist-info/METADATA", "Digest": "sha1:45cc94c9f0a17e313b00a13f7b0f9682654e0feb" }, { "ID": "azure-core@1.38.2", "Name": "azure-core", "Identifier": { "PURL": "pkg:pypi/azure-core@1.38.2", "UID": "e1deb4ebbc528a43", "BOMRef": "pkg:pypi/azure-core@1.38.2" }, "Version": "1.38.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_core-1.38.2.dist-info/METADATA", "Digest": "sha1:ed537c8e4239709c13f2010e79c9e95dfa85046b" }, { "ID": "azure-identity@1.16.1", "Name": "azure-identity", "Identifier": { "PURL": "pkg:pypi/azure-identity@1.16.1", "UID": "85e3f2e5e70d5fd5", "BOMRef": "pkg:pypi/azure-identity@1.16.1" }, "Version": "1.16.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_identity-1.16.1.dist-info/METADATA", "Digest": "sha1:68fdde1864f6c107e1306f736d9b5fefa2acf3a1" }, { "ID": "azure-keyvault@4.2.0", "Name": "azure-keyvault", "Identifier": { "PURL": "pkg:pypi/azure-keyvault@4.2.0", "UID": "fc77e5c5aca092", "BOMRef": "pkg:pypi/azure-keyvault@4.2.0" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_keyvault-4.2.0.dist-info/METADATA", "Digest": "sha1:5da0d813613844740604dfa0c820222a54853a3a" }, { "ID": "azure-keyvault-certificates@4.10.0", "Name": "azure-keyvault-certificates", "Identifier": { "PURL": "pkg:pypi/azure-keyvault-certificates@4.10.0", "UID": "d7f55e09b0aba31e", "BOMRef": "pkg:pypi/azure-keyvault-certificates@4.10.0" }, "Version": "4.10.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_keyvault_certificates-4.10.0.dist-info/METADATA", "Digest": "sha1:8227ff63178e8f5a07e66f234d8c296b189f855b" }, { "ID": "azure-keyvault-keys@4.11.0", "Name": "azure-keyvault-keys", "Identifier": { "PURL": "pkg:pypi/azure-keyvault-keys@4.11.0", "UID": "9f7b8a815df13665", "BOMRef": "pkg:pypi/azure-keyvault-keys@4.11.0" }, "Version": "4.11.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_keyvault_keys-4.11.0.dist-info/METADATA", "Digest": "sha1:61e25dca1cb98e731337b756f4e1bb129413c496" }, { "ID": "azure-keyvault-secrets@4.10.0", "Name": "azure-keyvault-secrets", "Identifier": { "PURL": "pkg:pypi/azure-keyvault-secrets@4.10.0", "UID": "b39ea569b730dccb", "BOMRef": "pkg:pypi/azure-keyvault-secrets@4.10.0" }, "Version": "4.10.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_keyvault_secrets-4.10.0.dist-info/METADATA", "Digest": "sha1:5a8061494c1c50c49fa47eace47c117fe193a0b4" }, { "ID": "azure-storage-blob@12.28.0", "Name": "azure-storage-blob", "Identifier": { "PURL": "pkg:pypi/azure-storage-blob@12.28.0", "UID": "e41b64ee16c697f", "BOMRef": "pkg:pypi/azure-storage-blob@12.28.0" }, "Version": "12.28.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_storage_blob-12.28.0.dist-info/METADATA", "Digest": "sha1:20e7abbd2536ed3374cf440f144cf9ca5c0fb098" }, { "ID": "azure-storage-file-datalake@12.20.0", "Name": "azure-storage-file-datalake", "Identifier": { "PURL": "pkg:pypi/azure-storage-file-datalake@12.20.0", "UID": "5dc44e00ce33e4ab", "BOMRef": "pkg:pypi/azure-storage-file-datalake@12.20.0" }, "Version": "12.20.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/azure_storage_file_datalake-12.20.0.dist-info/METADATA", "Digest": "sha1:cc8ebe204539019788e04a26f2510c35575928c2" }, { "ID": "backoff@2.2.1", "Name": "backoff", "Identifier": { "PURL": "pkg:pypi/backoff@2.2.1", "UID": "ca5875917355bef7", "BOMRef": "pkg:pypi/backoff@2.2.1" }, "Version": "2.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/backoff-2.2.1.dist-info/METADATA", "Digest": "sha1:ea8b96e2947c9fed16b9c4075c30113fe09fac98" }, { "ID": "boto3@1.40.53", "Name": "boto3", "Identifier": { "PURL": "pkg:pypi/boto3@1.40.53", "UID": "cdef1f7fbf3a505a", "BOMRef": "pkg:pypi/boto3@1.40.53" }, "Version": "1.40.53", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/boto3-1.40.53.dist-info/METADATA", "Digest": "sha1:c3cd02ceff510cd405a1b3690f7bf4d54939faf8" }, { "ID": "botocore@1.40.61", "Name": "botocore", "Identifier": { "PURL": "pkg:pypi/botocore@1.40.61", "UID": "448984a8ea7dea73", "BOMRef": "pkg:pypi/botocore@1.40.61" }, "Version": "1.40.61", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/botocore-1.40.61.dist-info/METADATA", "Digest": "sha1:c384355d82af3168472f016558ed2f2e1c77cb85" }, { "ID": "bytecode@0.17.0", "Name": "bytecode", "Identifier": { "PURL": "pkg:pypi/bytecode@0.17.0", "UID": "44ad06ded9a4a814", "BOMRef": "pkg:pypi/bytecode@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/bytecode-0.17.0.dist-info/METADATA", "Digest": "sha1:65fc4772a46510a0f6186e951e866f5e306a8122" }, { "ID": "certifi@2026.2.25", "Name": "certifi", "Identifier": { "PURL": "pkg:pypi/certifi@2026.2.25", "UID": "ff55da87721c3ac4", "BOMRef": "pkg:pypi/certifi@2026.2.25" }, "Version": "2026.2.25", "Licenses": [ "MPL-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/certifi-2026.2.25.dist-info/METADATA", "Digest": "sha1:3aeccd85ea183a5ce98317741cad21a5c0a440ca" }, { "ID": "cffi@2.0.0", "Name": "cffi", "Identifier": { "PURL": "pkg:pypi/cffi@2.0.0", "UID": "e97391541b609e0f", "BOMRef": "pkg:pypi/cffi@2.0.0" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/cffi-2.0.0.dist-info/METADATA", "Digest": "sha1:87e9c9d276c4f4c31f5a314d6a5472f45655674c" }, { "ID": "charset-normalizer@3.4.4", "Name": "charset-normalizer", "Identifier": { "PURL": "pkg:pypi/charset-normalizer@3.4.4", "UID": "dec9fff70ab87569", "BOMRef": "pkg:pypi/charset-normalizer@3.4.4" }, "Version": "3.4.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/charset_normalizer-3.4.4.dist-info/METADATA", "Digest": "sha1:b4512da50486c7909da3992f8d8b67052b9fc03e" }, { "ID": "click@8.1.7", "Name": "click", "Identifier": { "PURL": "pkg:pypi/click@8.1.7", "UID": "3471a7ad6e15d0d9", "BOMRef": "pkg:pypi/click@8.1.7" }, "Version": "8.1.7", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/click-8.1.7.dist-info/METADATA", "Digest": "sha1:5c33361d71534572b6d2d3edd15ac9bad78b59c6" }, { "ID": "coloredlogs@15.0.1", "Name": "coloredlogs", "Identifier": { "PURL": "pkg:pypi/coloredlogs@15.0.1", "UID": "1edf8ad977afd7a", "BOMRef": "pkg:pypi/coloredlogs@15.0.1" }, "Version": "15.0.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/coloredlogs-15.0.1.dist-info/METADATA", "Digest": "sha1:79d72bae2e23b677e384dedda06c6e922912aac1" }, { "ID": "colorlog@6.10.1", "Name": "colorlog", "Identifier": { "PURL": "pkg:pypi/colorlog@6.10.1", "UID": "c32729cbbbe6293c", "BOMRef": "pkg:pypi/colorlog@6.10.1" }, "Version": "6.10.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:174ab832cebc501ed4bca4f443eeea3b152616b2e8f3f874909638de0ce88d3b", "DiffID": "sha256:49c40e11224bf3f8b3768d4680a9a3e8cf8b41452345b944b2712a0d8c439d76" }, "FilePath": "usr/lib/python3.13/site-packages/colorlog-6.10.1.dist-info/METADATA", "Digest": "sha1:1e483d118fd419ad747606c4077726b5c4eb324e" }, { "ID": "cryptography@46.0.5", "Name": "cryptography", "Identifier": { "PURL": "pkg:pypi/cryptography@46.0.5", "UID": "30400e84e7b8acf7", "BOMRef": "pkg:pypi/cryptography@46.0.5" }, "Version": "46.0.5", "Licenses": [ "Apache-2.0 OR BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/cryptography-46.0.5.dist-info/METADATA", "Digest": "sha1:bb40494ca8c495e6edf1214d419d44d57ad11f23" }, { "ID": "ddtrace@2.19.0", "Name": "ddtrace", "Identifier": { "PURL": "pkg:pypi/ddtrace@2.19.0", "UID": "6a5c862f22ee25fc", "BOMRef": "pkg:pypi/ddtrace@2.19.0" }, "Version": "2.19.0", "Licenses": [ "LICENSE.BSD3" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/ddtrace-2.19.0.dist-info/METADATA", "Digest": "sha1:2ebcd7579775a117bf5f63f482aaee4629f69fe4" }, { "ID": "detect-secrets@1.5.0", "Name": "detect-secrets", "Identifier": { "PURL": "pkg:pypi/detect-secrets@1.5.0", "UID": "5473d2fe262535bb", "BOMRef": "pkg:pypi/detect-secrets@1.5.0" }, "Version": "1.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/detect_secrets-1.5.0.dist-info/METADATA", "Digest": "sha1:7d1969bbb2f0319f127b480fe77211aa27750fe0" }, { "ID": "distro@1.9.0", "Name": "distro", "Identifier": { "PURL": "pkg:pypi/distro@1.9.0", "UID": "62d8208625df3bcd", "BOMRef": "pkg:pypi/distro@1.9.0" }, "Version": "1.9.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/distro-1.9.0.dist-info/METADATA", "Digest": "sha1:ce14620cf14e15a64d2ff574796543f99619e7f3" }, { "ID": "dnspython@2.8.0", "Name": "dnspython", "Identifier": { "PURL": "pkg:pypi/dnspython@2.8.0", "UID": "3ce6577e30f17dc7", "BOMRef": "pkg:pypi/dnspython@2.8.0" }, "Version": "2.8.0", "Licenses": [ "ISC" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/dnspython-2.8.0.dist-info/METADATA", "Digest": "sha1:360d6b80b919fa0fc9e41d101229c937531c4eae" }, { "ID": "docstring_parser@0.17.0", "Name": "docstring_parser", "Identifier": { "PURL": "pkg:pypi/docstring-parser@0.17.0", "UID": "fe3b473c5b5e5e0a", "BOMRef": "pkg:pypi/docstring-parser@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/docstring_parser-0.17.0.dist-info/METADATA", "Digest": "sha1:323acb9780928a71e223759cfc8be2793bec7072" }, { "ID": "email-validator@2.3.0", "Name": "email-validator", "Identifier": { "PURL": "pkg:pypi/email-validator@2.3.0", "UID": "6c9d6076e21d924d", "BOMRef": "pkg:pypi/email-validator@2.3.0" }, "Version": "2.3.0", "Licenses": [ "Unlicense" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/email_validator-2.3.0.dist-info/METADATA", "Digest": "sha1:8142c15247202bec284e8950c96b7f43b35ca5bc" }, { "ID": "envier@0.6.1", "Name": "envier", "Identifier": { "PURL": "pkg:pypi/envier@0.6.1", "UID": "22212ecaa30e9f70", "BOMRef": "pkg:pypi/envier@0.6.1" }, "Version": "0.6.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/envier-0.6.1.dist-info/METADATA", "Digest": "sha1:ecb20fe2699b6e8934bacad17926b535edc4ec40" }, { "ID": "fastapi@0.120.1", "Name": "fastapi", "Identifier": { "PURL": "pkg:pypi/fastapi@0.120.1", "UID": "44a6a55af685efd4", "BOMRef": "pkg:pypi/fastapi@0.120.1" }, "Version": "0.120.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/fastapi-0.120.1.dist-info/METADATA", "Digest": "sha1:dea486b90696587ab48cbda958327ec048f93eb3" }, { "ID": "fastapi-sso@0.19.0", "Name": "fastapi-sso", "Identifier": { "PURL": "pkg:pypi/fastapi-sso@0.19.0", "UID": "89a5f16558feb8b9", "BOMRef": "pkg:pypi/fastapi-sso@0.19.0" }, "Version": "0.19.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/fastapi_sso-0.19.0.dist-info/METADATA", "Digest": "sha1:f08f145ee8c7c5c113436e3ba3fb8f1081e8a6fc" }, { "ID": "fastuuid@0.13.5", "Name": "fastuuid", "Identifier": { "PURL": "pkg:pypi/fastuuid@0.13.5", "UID": "ec9f97e1e6523d25", "BOMRef": "pkg:pypi/fastuuid@0.13.5" }, "Version": "0.13.5", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/fastuuid-0.13.5.dist-info/METADATA", "Digest": "sha1:589a21152a88244902586741669f828037c88a4f" }, { "ID": "filelock@3.24.3", "Name": "filelock", "Identifier": { "PURL": "pkg:pypi/filelock@3.24.3", "UID": "57784e5c48783bf2", "BOMRef": "pkg:pypi/filelock@3.24.3" }, "Version": "3.24.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/filelock-3.24.3.dist-info/METADATA", "Digest": "sha1:6c9686f542a1ba8f10bad8e5ba9b13c5f18a97a7" }, { "ID": "frozenlist@1.8.0", "Name": "frozenlist", "Identifier": { "PURL": "pkg:pypi/frozenlist@1.8.0", "UID": "f1b6d42175964feb", "BOMRef": "pkg:pypi/frozenlist@1.8.0" }, "Version": "1.8.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/frozenlist-1.8.0.dist-info/METADATA", "Digest": "sha1:4a37873aab1c5eaffcecd2aa93be12e9e4b2a19c" }, { "ID": "fsspec@2026.2.0", "Name": "fsspec", "Identifier": { "PURL": "pkg:pypi/fsspec@2026.2.0", "UID": "b5953102768491e3", "BOMRef": "pkg:pypi/fsspec@2026.2.0" }, "Version": "2026.2.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/fsspec-2026.2.0.dist-info/METADATA", "Digest": "sha1:cd54bba9ec98bc422bda0b342e83ea43099aa174" }, { "ID": "google-api-core@2.30.0", "Name": "google-api-core", "Identifier": { "PURL": "pkg:pypi/google-api-core@2.30.0", "UID": "aa8a618959909147", "BOMRef": "pkg:pypi/google-api-core@2.30.0" }, "Version": "2.30.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_api_core-2.30.0.dist-info/METADATA", "Digest": "sha1:824f9344ce88f9566c9d9173847e9ea97143d293" }, { "ID": "google-auth@2.48.0", "Name": "google-auth", "Identifier": { "PURL": "pkg:pypi/google-auth@2.48.0", "UID": "6fbed7fe7903e97b", "BOMRef": "pkg:pypi/google-auth@2.48.0" }, "Version": "2.48.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_auth-2.48.0.dist-info/METADATA", "Digest": "sha1:fd3435e29361652b2f4e7fd3e2297c149025e051" }, { "ID": "google-cloud-aiplatform@1.133.0", "Name": "google-cloud-aiplatform", "Identifier": { "PURL": "pkg:pypi/google-cloud-aiplatform@1.133.0", "UID": "b003ea838f9caa7", "BOMRef": "pkg:pypi/google-cloud-aiplatform@1.133.0" }, "Version": "1.133.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_aiplatform-1.133.0.dist-info/METADATA", "Digest": "sha1:23483b425b0649936a17defd0158d0f6c03ca503" }, { "ID": "google-cloud-bigquery@3.40.1", "Name": "google-cloud-bigquery", "Identifier": { "PURL": "pkg:pypi/google-cloud-bigquery@3.40.1", "UID": "ef1be83bb2a1095a", "BOMRef": "pkg:pypi/google-cloud-bigquery@3.40.1" }, "Version": "3.40.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_bigquery-3.40.1.dist-info/METADATA", "Digest": "sha1:ce2316758a0520c903eb5522d5cf1f39c2c7aa0b" }, { "ID": "google-cloud-core@2.5.0", "Name": "google-cloud-core", "Identifier": { "PURL": "pkg:pypi/google-cloud-core@2.5.0", "UID": "b4497e40cd9daf1f", "BOMRef": "pkg:pypi/google-cloud-core@2.5.0" }, "Version": "2.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_core-2.5.0.dist-info/METADATA", "Digest": "sha1:2353786cf89c5a50fc3a68db6736b632754e1b76" }, { "ID": "google-cloud-iam@2.19.1", "Name": "google-cloud-iam", "Identifier": { "PURL": "pkg:pypi/google-cloud-iam@2.19.1", "UID": "c583ad08d5f026c1", "BOMRef": "pkg:pypi/google-cloud-iam@2.19.1" }, "Version": "2.19.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_iam-2.19.1.dist-info/METADATA", "Digest": "sha1:28391d5c4dd89160b13ec2ef8c597d3164c4c91a" }, { "ID": "google-cloud-resource-manager@1.16.0", "Name": "google-cloud-resource-manager", "Identifier": { "PURL": "pkg:pypi/google-cloud-resource-manager@1.16.0", "UID": "8d72781cc8846b62", "BOMRef": "pkg:pypi/google-cloud-resource-manager@1.16.0" }, "Version": "1.16.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_resource_manager-1.16.0.dist-info/METADATA", "Digest": "sha1:94bdb211cfd6933e89c9e8f1833e3fcb28caae26" }, { "ID": "google-cloud-storage@3.9.0", "Name": "google-cloud-storage", "Identifier": { "PURL": "pkg:pypi/google-cloud-storage@3.9.0", "UID": "3deca600e34dde6a", "BOMRef": "pkg:pypi/google-cloud-storage@3.9.0" }, "Version": "3.9.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_cloud_storage-3.9.0.dist-info/METADATA", "Digest": "sha1:08b50a67c834baff46cb246b9b9d9d6c90ad3a65" }, { "ID": "google-crc32c@1.8.0", "Name": "google-crc32c", "Identifier": { "PURL": "pkg:pypi/google-crc32c@1.8.0", "UID": "67864cdd3b810d10", "BOMRef": "pkg:pypi/google-crc32c@1.8.0" }, "Version": "1.8.0", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_crc32c-1.8.0.dist-info/METADATA", "Digest": "sha1:740ce2636255b7035fbcef210995df5b4484e1b3" }, { "ID": "google-genai@1.37.0", "Name": "google-genai", "Identifier": { "PURL": "pkg:pypi/google-genai@1.37.0", "UID": "1a376feb6c4ec689", "BOMRef": "pkg:pypi/google-genai@1.37.0" }, "Version": "1.37.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_genai-1.37.0.dist-info/METADATA", "Digest": "sha1:3399706a56fa0d50853cb580a1e032f80a3d4654" }, { "ID": "google-resumable-media@2.8.0", "Name": "google-resumable-media", "Identifier": { "PURL": "pkg:pypi/google-resumable-media@2.8.0", "UID": "bd5f77355b9402f9", "BOMRef": "pkg:pypi/google-resumable-media@2.8.0" }, "Version": "2.8.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/google_resumable_media-2.8.0.dist-info/METADATA", "Digest": "sha1:a0a8dc418f86589aa080bb59708ed5aee38faacc" }, { "ID": "googleapis-common-protos@1.72.0", "Name": "googleapis-common-protos", "Identifier": { "PURL": "pkg:pypi/googleapis-common-protos@1.72.0", "UID": "e69267d2e3fa597c", "BOMRef": "pkg:pypi/googleapis-common-protos@1.72.0" }, "Version": "1.72.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/googleapis_common_protos-1.72.0.dist-info/METADATA", "Digest": "sha1:78df7b249d5272b19c5adc5c8a9b3b2dee57311c" }, { "ID": "grpc-google-iam-v1@0.14.3", "Name": "grpc-google-iam-v1", "Identifier": { "PURL": "pkg:pypi/grpc-google-iam-v1@0.14.3", "UID": "ed3f77f0838a3237", "BOMRef": "pkg:pypi/grpc-google-iam-v1@0.14.3" }, "Version": "0.14.3", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/grpc_google_iam_v1-0.14.3.dist-info/METADATA", "Digest": "sha1:98adc7e2fe504130f48db8ccb34db6820d396145" }, { "ID": "grpcio@1.78.1", "Name": "grpcio", "Identifier": { "PURL": "pkg:pypi/grpcio@1.78.1", "UID": "ad8e8674050816d2", "BOMRef": "pkg:pypi/grpcio@1.78.1" }, "Version": "1.78.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/grpcio-1.78.1.dist-info/METADATA", "Digest": "sha1:e9f3ec7472afdf9e994e454aa7519c24fb1ed336" }, { "ID": "grpcio-status@1.71.2", "Name": "grpcio-status", "Identifier": { "PURL": "pkg:pypi/grpcio-status@1.71.2", "UID": "9cbec3479b0cf3fd", "BOMRef": "pkg:pypi/grpcio-status@1.71.2" }, "Version": "1.71.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/grpcio_status-1.71.2.dist-info/METADATA", "Digest": "sha1:bd80c647a0df7d5b9bda31af73fa704ff4e50c9f" }, { "ID": "gunicorn@23.0.0", "Name": "gunicorn", "Identifier": { "PURL": "pkg:pypi/gunicorn@23.0.0", "UID": "98c80f142cd31701", "BOMRef": "pkg:pypi/gunicorn@23.0.0" }, "Version": "23.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/gunicorn-23.0.0.dist-info/METADATA", "Digest": "sha1:8de2f53497d5444853a1df1f44ff417831194283" }, { "ID": "h11@0.16.0", "Name": "h11", "Identifier": { "PURL": "pkg:pypi/h11@0.16.0", "UID": "3925e1a7c94561c4", "BOMRef": "pkg:pypi/h11@0.16.0" }, "Version": "0.16.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/h11-0.16.0.dist-info/METADATA", "Digest": "sha1:5d41eddffefef5f6e8ff383a2537e81a38a37807" }, { "ID": "hf-xet@1.3.1", "Name": "hf-xet", "Identifier": { "PURL": "pkg:pypi/hf-xet@1.3.1", "UID": "431ab2097449c263", "BOMRef": "pkg:pypi/hf-xet@1.3.1" }, "Version": "1.3.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/hf_xet-1.3.1.dist-info/METADATA", "Digest": "sha1:8aeac3ee9e1e9f6a584bc261a0d31ce72952f665" }, { "ID": "httpcore@1.0.9", "Name": "httpcore", "Identifier": { "PURL": "pkg:pypi/httpcore@1.0.9", "UID": "3569ea28a9685c3e", "BOMRef": "pkg:pypi/httpcore@1.0.9" }, "Version": "1.0.9", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/httpcore-1.0.9.dist-info/METADATA", "Digest": "sha1:2981d359ae33f31d339189a9680db85785339a56" }, { "ID": "httpx@0.28.1", "Name": "httpx", "Identifier": { "PURL": "pkg:pypi/httpx@0.28.1", "UID": "2b0f7e865491fa8", "BOMRef": "pkg:pypi/httpx@0.28.1" }, "Version": "0.28.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/httpx-0.28.1.dist-info/METADATA", "Digest": "sha1:537da7e4f29438278e124e10e02d1a500fe33bcc" }, { "ID": "httpx-sse@0.4.3", "Name": "httpx-sse", "Identifier": { "PURL": "pkg:pypi/httpx-sse@0.4.3", "UID": "3c3520202a1e031d", "BOMRef": "pkg:pypi/httpx-sse@0.4.3" }, "Version": "0.4.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/httpx_sse-0.4.3.dist-info/METADATA", "Digest": "sha1:df05446be58f0a3a306e50c7ceebef24bb383a6d" }, { "ID": "huggingface_hub@0.36.2", "Name": "huggingface_hub", "Identifier": { "PURL": "pkg:pypi/huggingface-hub@0.36.2", "UID": "bd8aea03da871f25", "BOMRef": "pkg:pypi/huggingface-hub@0.36.2" }, "Version": "0.36.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/huggingface_hub-0.36.2.dist-info/METADATA", "Digest": "sha1:c3fb68f58f110a4308ea41f02a48f890697481fe" }, { "ID": "humanfriendly@10.0", "Name": "humanfriendly", "Identifier": { "PURL": "pkg:pypi/humanfriendly@10.0", "UID": "fb57ccdd9afbc18", "BOMRef": "pkg:pypi/humanfriendly@10.0" }, "Version": "10.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/humanfriendly-10.0.dist-info/METADATA", "Digest": "sha1:f29e22413e2b6ed83b0bd7935acd2dbb1d830f40" }, { "ID": "idna@3.11", "Name": "idna", "Identifier": { "PURL": "pkg:pypi/idna@3.11", "UID": "4e517f0ee714d376", "BOMRef": "pkg:pypi/idna@3.11" }, "Version": "3.11", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/idna-3.11.dist-info/METADATA", "Digest": "sha1:5e73674d19cce0601253436a2e5544abe09b9bc3" }, { "ID": "importlib-metadata@6.8.0", "Name": "importlib-metadata", "Identifier": { "PURL": "pkg:pypi/importlib-metadata@6.8.0", "UID": "3eb1190d203a2e5d", "BOMRef": "pkg:pypi/importlib-metadata@6.8.0" }, "Version": "6.8.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/importlib_metadata-6.8.0.dist-info/METADATA", "Digest": "sha1:691851957e4c1cce8fa41d0f23cd83355dbb8756" }, { "ID": "isodate@0.7.2", "Name": "isodate", "Identifier": { "PURL": "pkg:pypi/isodate@0.7.2", "UID": "cbbd54aa2a8f2060", "BOMRef": "pkg:pypi/isodate@0.7.2" }, "Version": "0.7.2", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/isodate-0.7.2.dist-info/METADATA", "Digest": "sha1:364399ca9e27df70628e3aff9c8b7b1da601f95d" }, { "ID": "jaraco.context@6.1.0", "Name": "jaraco.context", "Identifier": { "PURL": "pkg:pypi/jaraco.context@6.1.0", "UID": "f0706f6c5921298e", "BOMRef": "pkg:pypi/jaraco.context@6.1.0" }, "Version": "6.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/jaraco_context-6.1.0.dist-info/METADATA", "Digest": "sha1:c1ba70653abadb34b0a0e792b9b7025b6a4d7b3e" }, { "ID": "jiter@0.13.0", "Name": "jiter", "Identifier": { "PURL": "pkg:pypi/jiter@0.13.0", "UID": "11167d13275a096e", "BOMRef": "pkg:pypi/jiter@0.13.0" }, "Version": "0.13.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/jiter-0.13.0.dist-info/METADATA", "Digest": "sha1:2a9f923809d4a5bfa70b5c8d13e698904f4eca60" }, { "ID": "jmespath@1.1.0", "Name": "jmespath", "Identifier": { "PURL": "pkg:pypi/jmespath@1.1.0", "UID": "ec7d09644f8ed8ff", "BOMRef": "pkg:pypi/jmespath@1.1.0" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/jmespath-1.1.0.dist-info/METADATA", "Digest": "sha1:d3f297922cf04b0cc127a18994ad6e6b947f0cc7" }, { "ID": "jsonschema@4.26.0", "Name": "jsonschema", "Identifier": { "PURL": "pkg:pypi/jsonschema@4.26.0", "UID": "3f8b65d6099c5cfa", "BOMRef": "pkg:pypi/jsonschema@4.26.0" }, "Version": "4.26.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/jsonschema-4.26.0.dist-info/METADATA", "Digest": "sha1:94b3d1a46cf55d74e42c401eaf4a4b71c76cee31" }, { "ID": "jsonschema-path@0.3.4", "Name": "jsonschema-path", "Identifier": { "PURL": "pkg:pypi/jsonschema-path@0.3.4", "UID": "3c7f482096dafa74", "BOMRef": "pkg:pypi/jsonschema-path@0.3.4" }, "Version": "0.3.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/jsonschema_path-0.3.4.dist-info/METADATA", "Digest": "sha1:48b69894bc45f3344dbe1daa7be14933b12db09a" }, { "ID": "jsonschema-specifications@2025.9.1", "Name": "jsonschema-specifications", "Identifier": { "PURL": "pkg:pypi/jsonschema-specifications@2025.9.1", "UID": "a7da05e0fe4b8270", "BOMRef": "pkg:pypi/jsonschema-specifications@2025.9.1" }, "Version": "2025.9.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/jsonschema_specifications-2025.9.1.dist-info/METADATA", "Digest": "sha1:ac33f477be9d3336ae67bc454f68a9ff39c91cf3" }, { "ID": "langfuse@2.59.7", "Name": "langfuse", "Identifier": { "PURL": "pkg:pypi/langfuse@2.59.7", "UID": "460fb7ae8ea89299", "BOMRef": "pkg:pypi/langfuse@2.59.7" }, "Version": "2.59.7", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/langfuse-2.59.7.dist-info/METADATA", "Digest": "sha1:64b00766ce586ee8bc229e1d1c519bbbaccf82af" }, { "ID": "lazy-object-proxy@1.12.0", "Name": "lazy-object-proxy", "Identifier": { "PURL": "pkg:pypi/lazy-object-proxy@1.12.0", "UID": "761f41216eff4814", "BOMRef": "pkg:pypi/lazy-object-proxy@1.12.0" }, "Version": "1.12.0", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/lazy_object_proxy-1.12.0.dist-info/METADATA", "Digest": "sha1:68e349fa87b22a25e3af674e29698bb08d37a074" }, { "ID": "legacy-cgi@2.6.4", "Name": "legacy-cgi", "Identifier": { "PURL": "pkg:pypi/legacy-cgi@2.6.4", "UID": "c619820eac26805a", "BOMRef": "pkg:pypi/legacy-cgi@2.6.4" }, "Version": "2.6.4", "Licenses": [ "PSF-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/legacy_cgi-2.6.4.dist-info/METADATA", "Digest": "sha1:23159c15d8f7c3223df17c75f23eb2d59ef58128" }, { "ID": "litellm@1.81.15", "Name": "litellm", "Identifier": { "PURL": "pkg:pypi/litellm@1.81.15", "UID": "2637be1bcc47612", "BOMRef": "pkg:pypi/litellm@1.81.15" }, "Version": "1.81.15", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/litellm-1.81.15.dist-info/METADATA", "Digest": "sha1:8ef7d5e32f68cce6d0694c30ffd9f3d5c3c882b3" }, { "ID": "litellm-enterprise@0.1.32", "Name": "litellm-enterprise", "Identifier": { "PURL": "pkg:pypi/litellm-enterprise@0.1.32", "UID": "e0a17a56dfcc2bbc", "BOMRef": "pkg:pypi/litellm-enterprise@0.1.32" }, "Version": "0.1.32", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/litellm_enterprise-0.1.32.dist-info/METADATA", "Digest": "sha1:47149694cb58a89bda47e23c5c7a341e04c64bf1" }, { "ID": "litellm-proxy-extras@0.4.47", "Name": "litellm-proxy-extras", "Identifier": { "PURL": "pkg:pypi/litellm-proxy-extras@0.4.47", "UID": "98edf567e22b2bfe", "BOMRef": "pkg:pypi/litellm-proxy-extras@0.4.47" }, "Version": "0.4.47", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/litellm_proxy_extras-0.4.47.dist-info/METADATA", "Digest": "sha1:f676615a300ff4e8dc01a62f0f45bd9ba1a76315" }, { "ID": "llm-sandbox@0.3.31", "Name": "llm-sandbox", "Identifier": { "PURL": "pkg:pypi/llm-sandbox@0.3.31", "UID": "c9cdca86a3e4317b", "BOMRef": "pkg:pypi/llm-sandbox@0.3.31" }, "Version": "0.3.31", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/llm_sandbox-0.3.31.dist-info/METADATA", "Digest": "sha1:85bb0474aad9559dff054282fdd4b29a4f92a80e" }, { "ID": "mangum@0.17.0", "Name": "mangum", "Identifier": { "PURL": "pkg:pypi/mangum@0.17.0", "UID": "d84ef27f1e9a9417", "BOMRef": "pkg:pypi/mangum@0.17.0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/mangum-0.17.0.dist-info/METADATA", "Digest": "sha1:0957be909988180dffafaf9c6ef2301be9a0739b" }, { "ID": "markdown-it-py@4.0.0", "Name": "markdown-it-py", "Identifier": { "PURL": "pkg:pypi/markdown-it-py@4.0.0", "UID": "c1ca805e345f18e4", "BOMRef": "pkg:pypi/markdown-it-py@4.0.0" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/markdown_it_py-4.0.0.dist-info/METADATA", "Digest": "sha1:0cee543cadd1bdc67e8d1acd6fae8cc419523f4c" }, { "ID": "mcp@1.25.0", "Name": "mcp", "Identifier": { "PURL": "pkg:pypi/mcp@1.25.0", "UID": "76bf0501e49096d2", "BOMRef": "pkg:pypi/mcp@1.25.0" }, "Version": "1.25.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/mcp-1.25.0.dist-info/METADATA", "Digest": "sha1:c86fd9fb3b07f6b9cb4a3ade6abcc16c1c763399" }, { "ID": "mdurl@0.1.2", "Name": "mdurl", "Identifier": { "PURL": "pkg:pypi/mdurl@0.1.2", "UID": "8c14eb5b0f37dae4", "BOMRef": "pkg:pypi/mdurl@0.1.2" }, "Version": "0.1.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/mdurl-0.1.2.dist-info/METADATA", "Digest": "sha1:cc9d84bf84be59dd90368ea2f5e3a9fae8f0f1b7" }, { "ID": "ml-dtypes@0.4.1", "Name": "ml-dtypes", "Identifier": { "PURL": "pkg:pypi/ml-dtypes@0.4.1", "UID": "15921a878a09cb95", "BOMRef": "pkg:pypi/ml-dtypes@0.4.1" }, "Version": "0.4.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/ml_dtypes-0.4.1.dist-info/METADATA", "Digest": "sha1:28e53cadb8495b4a770c99d9392b1c79a14f4c8d" }, { "ID": "more-itertools@10.8.0", "Name": "more-itertools", "Identifier": { "PURL": "pkg:pypi/more-itertools@10.8.0", "UID": "412a6e434c60edff", "BOMRef": "pkg:pypi/more-itertools@10.8.0" }, "Version": "10.8.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/more_itertools-10.8.0.dist-info/METADATA", "Digest": "sha1:55aef894a0f39f280471306f0c5ecf3730ff5863" }, { "ID": "msal@1.35.0", "Name": "msal", "Identifier": { "PURL": "pkg:pypi/msal@1.35.0", "UID": "637ea06fe061b6c9", "BOMRef": "pkg:pypi/msal@1.35.0" }, "Version": "1.35.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/msal-1.35.0.dist-info/METADATA", "Digest": "sha1:6609547c107ac680d84209dbe02045ceb3ac1476" }, { "ID": "msal-extensions@1.3.1", "Name": "msal-extensions", "Identifier": { "PURL": "pkg:pypi/msal-extensions@1.3.1", "UID": "12fe2928c5df01e6", "BOMRef": "pkg:pypi/msal-extensions@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/msal_extensions-1.3.1.dist-info/METADATA", "Digest": "sha1:41015e491016a80539109491a22adb22f7c7dddd" }, { "ID": "multidict@6.7.1", "Name": "multidict", "Identifier": { "PURL": "pkg:pypi/multidict@6.7.1", "UID": "e1fba4cec0ea57c2", "BOMRef": "pkg:pypi/multidict@6.7.1" }, "Version": "6.7.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/multidict-6.7.1.dist-info/METADATA", "Digest": "sha1:216b572c03dd786e9e08cb0ed5e833a9ec0fd494" }, { "ID": "nodeenv@1.10.0", "Name": "nodeenv", "Identifier": { "PURL": "pkg:pypi/nodeenv@1.10.0", "UID": "92122ea349b73437", "BOMRef": "pkg:pypi/nodeenv@1.10.0" }, "Version": "1.10.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodeenv-1.10.0.dist-info/METADATA", "Digest": "sha1:1b29a746e209117735cc705714358dbf9e858eb4" }, { "ID": "nodejs-wheel-binaries@24.13.1", "Name": "nodejs-wheel-binaries", "Identifier": { "PURL": "pkg:pypi/nodejs-wheel-binaries@24.13.1", "UID": "7c172c3223578681", "BOMRef": "pkg:pypi/nodejs-wheel-binaries@24.13.1" }, "Version": "24.13.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/nodejs_wheel_binaries-24.13.1.dist-info/METADATA", "Digest": "sha1:9ae91a866196ce7d03c5ecaf3c513503bee6933f" }, { "ID": "numpy@2.4.2", "Name": "numpy", "Identifier": { "PURL": "pkg:pypi/numpy@2.4.2", "UID": "fd4d6ffa0d2be713", "BOMRef": "pkg:pypi/numpy@2.4.2" }, "Version": "2.4.2", "Licenses": [ "BSD-3-Clause AND 0BSD AND MIT AND Zlib AND CC0-1.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/numpy-2.4.2.dist-info/METADATA", "Digest": "sha1:f78437e3f7066f0441d6e9a7c34ce6f6a66871a5" }, { "ID": "oauthlib@3.3.1", "Name": "oauthlib", "Identifier": { "PURL": "pkg:pypi/oauthlib@3.3.1", "UID": "4327c98e91e1e284", "BOMRef": "pkg:pypi/oauthlib@3.3.1" }, "Version": "3.3.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/oauthlib-3.3.1.dist-info/METADATA", "Digest": "sha1:9ba5229bceb66742065501d44c4e07f8b401d4c8" }, { "ID": "openai@2.9.0", "Name": "openai", "Identifier": { "PURL": "pkg:pypi/openai@2.9.0", "UID": "b5b22f1beec2d44f", "BOMRef": "pkg:pypi/openai@2.9.0" }, "Version": "2.9.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/openai-2.9.0.dist-info/METADATA", "Digest": "sha1:3a50a52d05f9d1a9114c73731816df78928764c0" }, { "ID": "openapi-core@0.21.0", "Name": "openapi-core", "Identifier": { "PURL": "pkg:pypi/openapi-core@0.21.0", "UID": "c1da1ee5ead0e994", "BOMRef": "pkg:pypi/openapi-core@0.21.0" }, "Version": "0.21.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/openapi_core-0.21.0.dist-info/METADATA", "Digest": "sha1:23d2501e93de078ce5136cd7b4e20a7463c210f4" }, { "ID": "openapi-schema-validator@0.6.3", "Name": "openapi-schema-validator", "Identifier": { "PURL": "pkg:pypi/openapi-schema-validator@0.6.3", "UID": "b1afe81ee7b93a9", "BOMRef": "pkg:pypi/openapi-schema-validator@0.6.3" }, "Version": "0.6.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/openapi_schema_validator-0.6.3.dist-info/METADATA", "Digest": "sha1:94ac2dfdccefaac1f8f6efc0ce4e4713274af79f" }, { "ID": "openapi-spec-validator@0.7.2", "Name": "openapi-spec-validator", "Identifier": { "PURL": "pkg:pypi/openapi-spec-validator@0.7.2", "UID": "6ac20593b97de003", "BOMRef": "pkg:pypi/openapi-spec-validator@0.7.2" }, "Version": "0.7.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/openapi_spec_validator-0.7.2.dist-info/METADATA", "Digest": "sha1:3b8226cdb965b31b940c1bfaba9d0b337cc0c8f8" }, { "ID": "opentelemetry-api@1.28.0", "Name": "opentelemetry-api", "Identifier": { "PURL": "pkg:pypi/opentelemetry-api@1.28.0", "UID": "f2c6638b587f8e6c", "BOMRef": "pkg:pypi/opentelemetry-api@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_api-1.28.0.dist-info/METADATA", "Digest": "sha1:fa7a37347c7a77b570878666db0821d85e58a470" }, { "ID": "opentelemetry-exporter-otlp@1.28.0", "Name": "opentelemetry-exporter-otlp", "Identifier": { "PURL": "pkg:pypi/opentelemetry-exporter-otlp@1.28.0", "UID": "dcb9e313de8311a0", "BOMRef": "pkg:pypi/opentelemetry-exporter-otlp@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_exporter_otlp-1.28.0.dist-info/METADATA", "Digest": "sha1:02d9d528c93b4a483c217803ff2b5b14dff509ef" }, { "ID": "opentelemetry-exporter-otlp-proto-common@1.28.0", "Name": "opentelemetry-exporter-otlp-proto-common", "Identifier": { "PURL": "pkg:pypi/opentelemetry-exporter-otlp-proto-common@1.28.0", "UID": "457a2d036b6aa0f3", "BOMRef": "pkg:pypi/opentelemetry-exporter-otlp-proto-common@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_exporter_otlp_proto_common-1.28.0.dist-info/METADATA", "Digest": "sha1:9b898d5238fd7ac09e303fb6fddbe084603de874" }, { "ID": "opentelemetry-exporter-otlp-proto-grpc@1.28.0", "Name": "opentelemetry-exporter-otlp-proto-grpc", "Identifier": { "PURL": "pkg:pypi/opentelemetry-exporter-otlp-proto-grpc@1.28.0", "UID": "cf6ee124e6f39cf7", "BOMRef": "pkg:pypi/opentelemetry-exporter-otlp-proto-grpc@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_exporter_otlp_proto_grpc-1.28.0.dist-info/METADATA", "Digest": "sha1:4d2e1a9be4c683f90b3116732d154d789efb6de5" }, { "ID": "opentelemetry-exporter-otlp-proto-http@1.28.0", "Name": "opentelemetry-exporter-otlp-proto-http", "Identifier": { "PURL": "pkg:pypi/opentelemetry-exporter-otlp-proto-http@1.28.0", "UID": "5da4f7e6f5cb968a", "BOMRef": "pkg:pypi/opentelemetry-exporter-otlp-proto-http@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_exporter_otlp_proto_http-1.28.0.dist-info/METADATA", "Digest": "sha1:f7029b101ac39ca429c16dfbfbd1f67d7da1e28c" }, { "ID": "opentelemetry-proto@1.28.0", "Name": "opentelemetry-proto", "Identifier": { "PURL": "pkg:pypi/opentelemetry-proto@1.28.0", "UID": "3d1773d3e4045323", "BOMRef": "pkg:pypi/opentelemetry-proto@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_proto-1.28.0.dist-info/METADATA", "Digest": "sha1:2f4cc88e72c49fd14c43d3160427ec7631e420ba" }, { "ID": "opentelemetry-sdk@1.28.0", "Name": "opentelemetry-sdk", "Identifier": { "PURL": "pkg:pypi/opentelemetry-sdk@1.28.0", "UID": "8cc0ef045adee3f3", "BOMRef": "pkg:pypi/opentelemetry-sdk@1.28.0" }, "Version": "1.28.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_sdk-1.28.0.dist-info/METADATA", "Digest": "sha1:ff78308a4de96861a2b9afbecc1745376f09d82b" }, { "ID": "opentelemetry-semantic-conventions@0.49b0", "Name": "opentelemetry-semantic-conventions", "Identifier": { "PURL": "pkg:pypi/opentelemetry-semantic-conventions@0.49b0", "UID": "45ab4a85e6a1b53e", "BOMRef": "pkg:pypi/opentelemetry-semantic-conventions@0.49b0" }, "Version": "0.49b0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/opentelemetry_semantic_conventions-0.49b0.dist-info/METADATA", "Digest": "sha1:2389733e201fd7a0ec508bbc2f1e32a23488c45e" }, { "ID": "orjson@3.11.7", "Name": "orjson", "Identifier": { "PURL": "pkg:pypi/orjson@3.11.7", "UID": "450470667dd2e3c4", "BOMRef": "pkg:pypi/orjson@3.11.7" }, "Version": "3.11.7", "Licenses": [ "MPL-2.0 AND (Apache-2.0 OR MIT)" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/orjson-3.11.7.dist-info/METADATA", "Digest": "sha1:2b55fc97cbe074ef19ee5b25d2ae0613276e259e" }, { "ID": "packaging@24.2", "Name": "packaging", "Identifier": { "PURL": "pkg:pypi/packaging@24.2", "UID": "21e9332db8fdb89c", "BOMRef": "pkg:pypi/packaging@24.2" }, "Version": "24.2", "Licenses": [ "Apache-2.0", "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/packaging-24.2.dist-info/METADATA", "Digest": "sha1:292b8d19cdc308e072817b6407cac3cb5175a060" }, { "ID": "pathable@0.4.4", "Name": "pathable", "Identifier": { "PURL": "pkg:pypi/pathable@0.4.4", "UID": "92f44418b64bca28", "BOMRef": "pkg:pypi/pathable@0.4.4" }, "Version": "0.4.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pathable-0.4.4.dist-info/METADATA", "Digest": "sha1:866e61605d29a563f1cdd110899065ddb5f2f482" }, { "ID": "pillow@12.1.1", "Name": "pillow", "Identifier": { "PURL": "pkg:pypi/pillow@12.1.1", "UID": "fd415953b2302be7", "BOMRef": "pkg:pypi/pillow@12.1.1" }, "Version": "12.1.1", "Licenses": [ "MIT-CMU" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pillow-12.1.1.dist-info/METADATA", "Digest": "sha1:8ede85617f65f1bcb1404d13c86a40e01897a9b1" }, { "ID": "polars@1.31.0", "Name": "polars", "Identifier": { "PURL": "pkg:pypi/polars@1.31.0", "UID": "e8748782c763ee7e", "BOMRef": "pkg:pypi/polars@1.31.0" }, "Version": "1.31.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/polars-1.31.0.dist-info/METADATA", "Digest": "sha1:9372c8d51ed35260721b244d0f1432df652171cf" }, { "ID": "prisma@0.11.0", "Name": "prisma", "Identifier": { "PURL": "pkg:pypi/prisma@0.11.0", "UID": "a4ce48b2cca08fe4", "BOMRef": "pkg:pypi/prisma@0.11.0" }, "Version": "0.11.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/prisma-0.11.0.dist-info/METADATA", "Digest": "sha1:fad8c94f4fab264e96c18a22151e04c0cdf411b0" }, { "ID": "prometheus_client@0.20.0", "Name": "prometheus_client", "Identifier": { "PURL": "pkg:pypi/prometheus-client@0.20.0", "UID": "f786db5aec02b02c", "BOMRef": "pkg:pypi/prometheus-client@0.20.0" }, "Version": "0.20.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/prometheus_client-0.20.0.dist-info/METADATA", "Digest": "sha1:ca9ab1f552aae8ed12e1084fd9c8347782cb1049" }, { "ID": "propcache@0.4.1", "Name": "propcache", "Identifier": { "PURL": "pkg:pypi/propcache@0.4.1", "UID": "a41e43f3eec7352c", "BOMRef": "pkg:pypi/propcache@0.4.1" }, "Version": "0.4.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/propcache-0.4.1.dist-info/METADATA", "Digest": "sha1:9b2af7eeab4bcb9bad4ba6d407baa00869b8168c" }, { "ID": "proto-plus@1.27.1", "Name": "proto-plus", "Identifier": { "PURL": "pkg:pypi/proto-plus@1.27.1", "UID": "d64320305f59434c", "BOMRef": "pkg:pypi/proto-plus@1.27.1" }, "Version": "1.27.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/proto_plus-1.27.1.dist-info/METADATA", "Digest": "sha1:f256867207ef1543010030633cf2f7669c66591c" }, { "ID": "protobuf@5.29.6", "Name": "protobuf", "Identifier": { "PURL": "pkg:pypi/protobuf@5.29.6", "UID": "34649a9d1398dbcc", "BOMRef": "pkg:pypi/protobuf@5.29.6" }, "Version": "5.29.6", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/protobuf-5.29.6.dist-info/METADATA", "Digest": "sha1:f6ba7e2f92bfad0493f3bdc530ecf2398f28d411" }, { "ID": "pyasn1@0.6.2", "Name": "pyasn1", "Identifier": { "PURL": "pkg:pypi/pyasn1@0.6.2", "UID": "97f0f328a8eac115", "BOMRef": "pkg:pypi/pyasn1@0.6.2" }, "Version": "0.6.2", "Licenses": [ "BSD-2-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pyasn1-0.6.2.dist-info/METADATA", "Digest": "sha1:9e49d4b851f49962151f61b10a5d9c65e5b8eade" }, { "ID": "pyasn1_modules@0.4.2", "Name": "pyasn1_modules", "Identifier": { "PURL": "pkg:pypi/pyasn1-modules@0.4.2", "UID": "dab4318cfb18f93b", "BOMRef": "pkg:pypi/pyasn1-modules@0.4.2" }, "Version": "0.4.2", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pyasn1_modules-0.4.2.dist-info/METADATA", "Digest": "sha1:ff67c376a06e456e4caa8a256505a2298f5e7141" }, { "ID": "pycparser@3.0", "Name": "pycparser", "Identifier": { "PURL": "pkg:pypi/pycparser@3.0", "UID": "4d5be7c9372448d8", "BOMRef": "pkg:pypi/pycparser@3.0" }, "Version": "3.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pycparser-3.0.dist-info/METADATA", "Digest": "sha1:ec46323dcd4dd2f7742b74b09cc0b030e330e46f" }, { "ID": "pydantic@2.12.5", "Name": "pydantic", "Identifier": { "PURL": "pkg:pypi/pydantic@2.12.5", "UID": "7fd76e85c228445b", "BOMRef": "pkg:pypi/pydantic@2.12.5" }, "Version": "2.12.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pydantic-2.12.5.dist-info/METADATA", "Digest": "sha1:83683052da3c86191d3ce41d60fa7f9780cf0478" }, { "ID": "pydantic-settings@2.13.1", "Name": "pydantic-settings", "Identifier": { "PURL": "pkg:pypi/pydantic-settings@2.13.1", "UID": "638b38a16ac69c80", "BOMRef": "pkg:pypi/pydantic-settings@2.13.1" }, "Version": "2.13.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pydantic_settings-2.13.1.dist-info/METADATA", "Digest": "sha1:b20e7981819ecb354830015a55fa8bcb098c5687" }, { "ID": "pydantic_core@2.41.5", "Name": "pydantic_core", "Identifier": { "PURL": "pkg:pypi/pydantic-core@2.41.5", "UID": "3a8da57310e3920d", "BOMRef": "pkg:pypi/pydantic-core@2.41.5" }, "Version": "2.41.5", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pydantic_core-2.41.5.dist-info/METADATA", "Digest": "sha1:07d49fc75e0fd822fcc2719c0bbece0049fba67a" }, { "ID": "pypdf@6.7.3", "Name": "pypdf", "Identifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "1da241cf5a459789", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "Version": "6.7.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "Digest": "sha1:101bb8b8a2338926646843c8dcd7f25f773fd800" }, { "ID": "python-dateutil@2.9.0.post0", "Name": "python-dateutil", "Identifier": { "PURL": "pkg:pypi/python-dateutil@2.9.0.post0", "UID": "aeafbfea1758ce00", "BOMRef": "pkg:pypi/python-dateutil@2.9.0.post0" }, "Version": "2.9.0.post0", "Licenses": [ "BSD-3-Clause", "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/python_dateutil-2.9.0.post0.dist-info/METADATA", "Digest": "sha1:7a3c35abd86cd96034d5afb0d4b241dc9e13e6f8" }, { "ID": "python-dotenv@1.0.1", "Name": "python-dotenv", "Identifier": { "PURL": "pkg:pypi/python-dotenv@1.0.1", "UID": "cf356e58fefd2131", "BOMRef": "pkg:pypi/python-dotenv@1.0.1" }, "Version": "1.0.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/python_dotenv-1.0.1.dist-info/METADATA", "Digest": "sha1:e0a2e23c662b53538eed76a837fb7ecc9327df7e" }, { "ID": "python-multipart@0.0.22", "Name": "python-multipart", "Identifier": { "PURL": "pkg:pypi/python-multipart@0.0.22", "UID": "1e3419f79efa1ed3", "BOMRef": "pkg:pypi/python-multipart@0.0.22" }, "Version": "0.0.22", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/python_multipart-0.0.22.dist-info/METADATA", "Digest": "sha1:f8bfd84700d227e7438d2377ff7c8585ac4e11cd" }, { "ID": "python-ulid@3.1.0", "Name": "python-ulid", "Identifier": { "PURL": "pkg:pypi/python-ulid@3.1.0", "UID": "e1ac52590228de7e", "BOMRef": "pkg:pypi/python-ulid@3.1.0" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/python_ulid-3.1.0.dist-info/METADATA", "Digest": "sha1:4c8b8c9ccc57da11803c277c04fd19bccf8bbe4d" }, { "ID": "pytz@2025.2", "Name": "pytz", "Identifier": { "PURL": "pkg:pypi/pytz@2025.2", "UID": "c241a24c3c95a6db", "BOMRef": "pkg:pypi/pytz@2025.2" }, "Version": "2025.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/pytz-2025.2.dist-info/METADATA", "Digest": "sha1:db28b063c13ef94fa0f89b36bdc6d66776fe5bd5" }, { "ID": "redis@5.2.1", "Name": "redis", "Identifier": { "PURL": "pkg:pypi/redis@5.2.1", "UID": "c115befdb4c3fdda", "BOMRef": "pkg:pypi/redis@5.2.1" }, "Version": "5.2.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/redis-5.2.1.dist-info/METADATA", "Digest": "sha1:27194d5ec4e7a9cda79f44d14513c056aff7d483" }, { "ID": "redisvl@0.4.1", "Name": "redisvl", "Identifier": { "PURL": "pkg:pypi/redisvl@0.4.1", "UID": "790680b6d1b5f7b9", "BOMRef": "pkg:pypi/redisvl@0.4.1" }, "Version": "0.4.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/redisvl-0.4.1.dist-info/METADATA", "Digest": "sha1:5907c76977fda13f87074bb069abf46d89f26435" }, { "ID": "referencing@0.36.2", "Name": "referencing", "Identifier": { "PURL": "pkg:pypi/referencing@0.36.2", "UID": "6b69ec90a9939932", "BOMRef": "pkg:pypi/referencing@0.36.2" }, "Version": "0.36.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/referencing-0.36.2.dist-info/METADATA", "Digest": "sha1:cf1208e207b8130e0abf63be5c1dac8598fb4049" }, { "ID": "regex@2026.2.19", "Name": "regex", "Identifier": { "PURL": "pkg:pypi/regex@2026.2.19", "UID": "f0dbd627fdef2cb5", "BOMRef": "pkg:pypi/regex@2026.2.19" }, "Version": "2026.2.19", "Licenses": [ "Apache-2.0 AND CNRI-Python" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/regex-2026.2.19.dist-info/METADATA", "Digest": "sha1:103e922a073b1f10b32833910020c7b672c805a7" }, { "ID": "requests@2.32.5", "Name": "requests", "Identifier": { "PURL": "pkg:pypi/requests@2.32.5", "UID": "d8131c935eb477bd", "BOMRef": "pkg:pypi/requests@2.32.5" }, "Version": "2.32.5", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/requests-2.32.5.dist-info/METADATA", "Digest": "sha1:ca17920e69f3c7103322151275139cf487e4da08" }, { "ID": "requests-toolbelt@1.0.0", "Name": "requests-toolbelt", "Identifier": { "PURL": "pkg:pypi/requests-toolbelt@1.0.0", "UID": "a47a6fa56bb6e2e7", "BOMRef": "pkg:pypi/requests-toolbelt@1.0.0" }, "Version": "1.0.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:174ab832cebc501ed4bca4f443eeea3b152616b2e8f3f874909638de0ce88d3b", "DiffID": "sha256:49c40e11224bf3f8b3768d4680a9a3e8cf8b41452345b944b2712a0d8c439d76" }, "FilePath": "usr/lib/python3.13/site-packages/requests_toolbelt-1.0.0.dist-info/METADATA", "Digest": "sha1:171fbbc84e8b7216e237b702f3fda539ffb1e487" }, { "ID": "rfc3339-validator@0.1.4", "Name": "rfc3339-validator", "Identifier": { "PURL": "pkg:pypi/rfc3339-validator@0.1.4", "UID": "f2faa32ad3e7c132", "BOMRef": "pkg:pypi/rfc3339-validator@0.1.4" }, "Version": "0.1.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/rfc3339_validator-0.1.4.dist-info/METADATA", "Digest": "sha1:b8cc2c804bf4cb64b4573a802305f3d0dc7e9a91" }, { "ID": "rich@13.7.1", "Name": "rich", "Identifier": { "PURL": "pkg:pypi/rich@13.7.1", "UID": "2b80136908a463ad", "BOMRef": "pkg:pypi/rich@13.7.1" }, "Version": "13.7.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/rich-13.7.1.dist-info/METADATA", "Digest": "sha1:bf3cca748ddf06213ddb6911d0b2d437f202533b" }, { "ID": "rpds-py@0.30.0", "Name": "rpds-py", "Identifier": { "PURL": "pkg:pypi/rpds-py@0.30.0", "UID": "1d748db9468e3ba", "BOMRef": "pkg:pypi/rpds-py@0.30.0" }, "Version": "0.30.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/rpds_py-0.30.0.dist-info/METADATA", "Digest": "sha1:9eef46c842a0ca6229680d7bfc1272958efdcc5a" }, { "ID": "rsa@4.9.1", "Name": "rsa", "Identifier": { "PURL": "pkg:pypi/rsa@4.9.1", "UID": "5138727870edd6c3", "BOMRef": "pkg:pypi/rsa@4.9.1" }, "Version": "4.9.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/rsa-4.9.1.dist-info/METADATA", "Digest": "sha1:a2f68fc042a03952873edfefafda03c04787a56f" }, { "ID": "s3transfer@0.14.0", "Name": "s3transfer", "Identifier": { "PURL": "pkg:pypi/s3transfer@0.14.0", "UID": "93aee8876d6bdac2", "BOMRef": "pkg:pypi/s3transfer@0.14.0" }, "Version": "0.14.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/s3transfer-0.14.0.dist-info/METADATA", "Digest": "sha1:dd9c4cd2d179b27942830646a152d8f484ca7800" }, { "ID": "semantic-router@0.1.11", "Name": "semantic-router", "Identifier": { "PURL": "pkg:pypi/semantic-router@0.1.11", "UID": "12db0d5c042abc88", "BOMRef": "pkg:pypi/semantic-router@0.1.11" }, "Version": "0.1.11", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:174ab832cebc501ed4bca4f443eeea3b152616b2e8f3f874909638de0ce88d3b", "DiffID": "sha256:49c40e11224bf3f8b3768d4680a9a3e8cf8b41452345b944b2712a0d8c439d76" }, "FilePath": "usr/lib/python3.13/site-packages/semantic_router-0.1.11.dist-info/METADATA", "Digest": "sha1:7de93f4f62c6d698a4693fb0c0380fdf2d9456a3" }, { "ID": "sentry-sdk@2.21.0", "Name": "sentry-sdk", "Identifier": { "PURL": "pkg:pypi/sentry-sdk@2.21.0", "UID": "dc658223b6d8eb2", "BOMRef": "pkg:pypi/sentry-sdk@2.21.0" }, "Version": "2.21.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/sentry_sdk-2.21.0.dist-info/METADATA", "Digest": "sha1:5af3250fb5606b6a97f62d83513d6010a0d3954f" }, { "ID": "six@1.17.0", "Name": "six", "Identifier": { "PURL": "pkg:pypi/six@1.17.0", "UID": "f5987a33746458c6", "BOMRef": "pkg:pypi/six@1.17.0" }, "Version": "1.17.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/six-1.17.0.dist-info/METADATA", "Digest": "sha1:483a26554261f6c839703c0e1183f3ef33ff97f1" }, { "ID": "sniffio@1.3.1", "Name": "sniffio", "Identifier": { "PURL": "pkg:pypi/sniffio@1.3.1", "UID": "8eea9a886cb4d4f1", "BOMRef": "pkg:pypi/sniffio@1.3.1" }, "Version": "1.3.1", "Licenses": [ "MIT", "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/sniffio-1.3.1.dist-info/METADATA", "Digest": "sha1:bc1d7aead770fe23c8d22666b84558edb3686da3" }, { "ID": "soundfile@0.12.1", "Name": "soundfile", "Identifier": { "PURL": "pkg:pypi/soundfile@0.12.1", "UID": "e9f6030a5b0e94c5", "BOMRef": "pkg:pypi/soundfile@0.12.1" }, "Version": "0.12.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/soundfile-0.12.1.dist-info/METADATA", "Digest": "sha1:b5ce3ad2ef849be1c4195d05ca730e0f7905e90b" }, { "ID": "sse-starlette@3.2.0", "Name": "sse-starlette", "Identifier": { "PURL": "pkg:pypi/sse-starlette@3.2.0", "UID": "a1f65057d7b9ea38", "BOMRef": "pkg:pypi/sse-starlette@3.2.0" }, "Version": "3.2.0", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/sse_starlette-3.2.0.dist-info/METADATA", "Digest": "sha1:8a6175cd01d1e84f937287b9a9b0879cda2952f8" }, { "ID": "starlette@0.49.1", "Name": "starlette", "Identifier": { "PURL": "pkg:pypi/starlette@0.49.1", "UID": "bb1d8c78f252da23", "BOMRef": "pkg:pypi/starlette@0.49.1" }, "Version": "0.49.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/starlette-0.49.1.dist-info/METADATA", "Digest": "sha1:d2dc5927de72d847252d292615f15065928238dc" }, { "ID": "tabulate@0.9.0", "Name": "tabulate", "Identifier": { "PURL": "pkg:pypi/tabulate@0.9.0", "UID": "96f404eacf4354a4", "BOMRef": "pkg:pypi/tabulate@0.9.0" }, "Version": "0.9.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tabulate-0.9.0.dist-info/METADATA", "Digest": "sha1:046f2344c8bedde41b94133c1322ae928e80e738" }, { "ID": "tenacity@8.5.0", "Name": "tenacity", "Identifier": { "PURL": "pkg:pypi/tenacity@8.5.0", "UID": "8b5ec268da941cb8", "BOMRef": "pkg:pypi/tenacity@8.5.0" }, "Version": "8.5.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tenacity-8.5.0.dist-info/METADATA", "Digest": "sha1:67c962294c30afecad8066ac633a11bd658c5148" }, { "ID": "tiktoken@0.8.0", "Name": "tiktoken", "Identifier": { "PURL": "pkg:pypi/tiktoken@0.8.0", "UID": "ab8b7846c2c116e2", "BOMRef": "pkg:pypi/tiktoken@0.8.0" }, "Version": "0.8.0", "Licenses": [ "MIT License Copyright (c) 2022 OpenAI, Shantanu Jain Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE." ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tiktoken-0.8.0.dist-info/METADATA", "Digest": "sha1:9d84201eb7fb511e2757fbd00150263ff31577b8" }, { "ID": "tokenizers@0.20.2", "Name": "tokenizers", "Identifier": { "PURL": "pkg:pypi/tokenizers@0.20.2", "UID": "30e5926f891af5bc", "BOMRef": "pkg:pypi/tokenizers@0.20.2" }, "Version": "0.20.2", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tokenizers-0.20.2.dist-info/METADATA", "Digest": "sha1:86c509fc1d122a9bba1c089e9d38ddd1c56d64cd" }, { "ID": "tomlkit@0.14.0", "Name": "tomlkit", "Identifier": { "PURL": "pkg:pypi/tomlkit@0.14.0", "UID": "88025f2a2a20c24b", "BOMRef": "pkg:pypi/tomlkit@0.14.0" }, "Version": "0.14.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tomlkit-0.14.0.dist-info/METADATA", "Digest": "sha1:7887d40449d9684788cfb76faacc540c0769cac8" }, { "ID": "tornado@6.5.4", "Name": "tornado", "Identifier": { "PURL": "pkg:pypi/tornado@6.5.4", "UID": "75f095e2019b1ccd", "BOMRef": "pkg:pypi/tornado@6.5.4" }, "Version": "6.5.4", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tornado-6.5.4.dist-info/METADATA", "Digest": "sha1:a1e2393e5aa6c6bd7c26bfb9b68a31771d14a790" }, { "ID": "tqdm@4.67.3", "Name": "tqdm", "Identifier": { "PURL": "pkg:pypi/tqdm@4.67.3", "UID": "4fe94d28b30b0193", "BOMRef": "pkg:pypi/tqdm@4.67.3" }, "Version": "4.67.3", "Licenses": [ "MPL-2.0 AND MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tqdm-4.67.3.dist-info/METADATA", "Digest": "sha1:0135af1981d2b0f1326020f991192d869693b873" }, { "ID": "typing-inspection@0.4.2", "Name": "typing-inspection", "Identifier": { "PURL": "pkg:pypi/typing-inspection@0.4.2", "UID": "a629afdfa48ccd19", "BOMRef": "pkg:pypi/typing-inspection@0.4.2" }, "Version": "0.4.2", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/typing_inspection-0.4.2.dist-info/METADATA", "Digest": "sha1:455fdb9c8e246ba02c2a28655287401b62028b60" }, { "ID": "typing_extensions@4.15.0", "Name": "typing_extensions", "Identifier": { "PURL": "pkg:pypi/typing-extensions@4.15.0", "UID": "5cc8b9f0d1fd00f5", "BOMRef": "pkg:pypi/typing-extensions@4.15.0" }, "Version": "4.15.0", "Licenses": [ "PSF-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/typing_extensions-4.15.0.dist-info/METADATA", "Digest": "sha1:c5c2ce18351f8f2ae0f4a6f7c84c523f342010ee" }, { "ID": "tzdata@2025.1", "Name": "tzdata", "Identifier": { "PURL": "pkg:pypi/tzdata@2025.1", "UID": "5b37fce3a4043173", "BOMRef": "pkg:pypi/tzdata@2025.1" }, "Version": "2025.1", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tzdata-2025.1.dist-info/METADATA", "Digest": "sha1:6e57a2a6ed74712dd41842370b1c12bb8446d4b1" }, { "ID": "tzlocal@5.3.1", "Name": "tzlocal", "Identifier": { "PURL": "pkg:pypi/tzlocal@5.3.1", "UID": "136012b5f5ef96fa", "BOMRef": "pkg:pypi/tzlocal@5.3.1" }, "Version": "5.3.1", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/tzlocal-5.3.1.dist-info/METADATA", "Digest": "sha1:fa463c4a745ae9f56544484fb7724eb107786eb4" }, { "ID": "urllib3@2.6.3", "Name": "urllib3", "Identifier": { "PURL": "pkg:pypi/urllib3@2.6.3", "UID": "fe75e5b71f22fc46", "BOMRef": "pkg:pypi/urllib3@2.6.3" }, "Version": "2.6.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/urllib3-2.6.3.dist-info/METADATA", "Digest": "sha1:8e2cd7246c7dce09d4590affab6060ec527397c1" }, { "ID": "uvicorn@0.31.1", "Name": "uvicorn", "Identifier": { "PURL": "pkg:pypi/uvicorn@0.31.1", "UID": "5a261107fb274440", "BOMRef": "pkg:pypi/uvicorn@0.31.1" }, "Version": "0.31.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/uvicorn-0.31.1.dist-info/METADATA", "Digest": "sha1:d229686a1d0f8b25bbb3ca0ab3b5519a37abc2b2" }, { "ID": "uvloop@0.21.0", "Name": "uvloop", "Identifier": { "PURL": "pkg:pypi/uvloop@0.21.0", "UID": "8110031b3ec4cf9c", "BOMRef": "pkg:pypi/uvloop@0.21.0" }, "Version": "0.21.0", "Licenses": [ "Apache-2.0", "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/uvloop-0.21.0.dist-info/METADATA", "Digest": "sha1:eecfee7932b6d8397d72414b9a42e8b34c4dcbe7" }, { "ID": "websockets@15.0.1", "Name": "websockets", "Identifier": { "PURL": "pkg:pypi/websockets@15.0.1", "UID": "ec1546d2fec0dfd1", "BOMRef": "pkg:pypi/websockets@15.0.1" }, "Version": "15.0.1", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/websockets-15.0.1.dist-info/METADATA", "Digest": "sha1:7bcef50b72ed117258a503c68d7f5dd194872067" }, { "ID": "wheel@0.46.3", "Name": "wheel", "Identifier": { "PURL": "pkg:pypi/wheel@0.46.3", "UID": "9fbe90584aec9c97", "BOMRef": "pkg:pypi/wheel@0.46.3" }, "Version": "0.46.3", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/wheel-0.46.3.dist-info/METADATA", "Digest": "sha1:241e26c983f51b16a8c352de6e874712a4b70e52" }, { "ID": "wrapt@1.17.3", "Name": "wrapt", "Identifier": { "PURL": "pkg:pypi/wrapt@1.17.3", "UID": "887559e7e6e5b8cb", "BOMRef": "pkg:pypi/wrapt@1.17.3" }, "Version": "1.17.3", "Licenses": [ "BSD-3-Clause" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/wrapt-1.17.3.dist-info/METADATA", "Digest": "sha1:dbb2682fa0ce1b88bad298721b69b9263a689653" }, { "ID": "xmltodict@1.0.4", "Name": "xmltodict", "Identifier": { "PURL": "pkg:pypi/xmltodict@1.0.4", "UID": "22c48f16f7ba9b0b", "BOMRef": "pkg:pypi/xmltodict@1.0.4" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/xmltodict-1.0.4.dist-info/METADATA", "Digest": "sha1:bd19f1f027500e9a68b016cf681821a8c03e34ef" }, { "ID": "yarl@1.22.0", "Name": "yarl", "Identifier": { "PURL": "pkg:pypi/yarl@1.22.0", "UID": "b9e7f36e5edb2e35", "BOMRef": "pkg:pypi/yarl@1.22.0" }, "Version": "1.22.0", "Licenses": [ "Apache-2.0" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/yarl-1.22.0.dist-info/METADATA", "Digest": "sha1:f41ac3bd0464e5ad45fa596ed3de6fc69d98568d" }, { "ID": "zipp@3.23.0", "Name": "zipp", "Identifier": { "PURL": "pkg:pypi/zipp@3.23.0", "UID": "de33edb6bd27db5e", "BOMRef": "pkg:pypi/zipp@3.23.0" }, "Version": "3.23.0", "Licenses": [ "MIT" ], "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "FilePath": "usr/lib/python3.13/site-packages/zipp-3.23.0.dist-info/METADATA", "Digest": "sha1:d7974cc6cd5ace30ae2bf7e89ed458fc7e46a194" } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-32597", "VendorIDs": [ "GHSA-752w-5fwx-jx9f" ], "PkgID": "PyJWT@2.10.1", "PkgName": "PyJWT", "PkgPath": "usr/lib/python3.13/site-packages/PyJWT-2.10.1.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pyjwt@2.10.1", "UID": "d2b420b0f161d193", "BOMRef": "pkg:pypi/pyjwt@2.10.1" }, "InstalledVersion": "2.10.1", "FixedVersion": "2.12.0", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-32597", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:323bb010b2576f5d379e9c36fddf2b61e386778045670c235e9b108a63b1dd14", "Title": "pyjwt: PyJWT accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation)", "Description": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC. This vulnerability is fixed in 2.12.0.", "Severity": "HIGH", "CweIDs": [ "CWE-345", "CWE-863" ], "VendorSeverity": { "amazon": 2, "ghsa": 3, "redhat": 3, "ubuntu": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-32597", "https://github.com/jpadilla/pyjwt", "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f", "https://nvd.nist.gov/vuln/detail/CVE-2026-32597", "https://ubuntu.com/security/notices/USN-8133-1", "https://www.cve.org/CVERecord?id=CVE-2026-32597" ], "PublishedDate": "2026-03-13T19:55:09.5Z", "LastModifiedDate": "2026-03-19T13:30:29.217Z" }, { "VulnerabilityID": "CVE-2026-4539", "VendorIDs": [ "GHSA-5239-wwwm-4pmq" ], "PkgID": "Pygments@2.19.2", "PkgName": "Pygments", "PkgPath": "usr/lib/python3.13/site-packages/pygments-2.19.2.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pygments@2.19.2", "UID": "285e5a33a4ff058d", "BOMRef": "pkg:pypi/pygments@2.19.2" }, "InstalledVersion": "2.19.2", "FixedVersion": "2.20.0", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-4539", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:ebde05e4d8dcd73a17075046f3361dd78663645fafd33c8dceda93495fbf43d3", "Title": "pygments: Pygments: Denial of Service via inefficient regular expression processing in AdlLexer", "Description": "A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.", "Severity": "LOW", "CweIDs": [ "CWE-400", "CWE-1333" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "V3Score": 3.3, "V40Score": 1.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-4539", "https://github.com/pygments/pygments", "https://github.com/pygments/pygments/", "https://github.com/pygments/pygments/commit/24b8aa76c6cd6d70f39c6dd605cce319c98e2ccc", "https://github.com/pygments/pygments/issues/3058", "https://github.com/pygments/pygments/pull/3064", "https://github.com/pygments/pygments/releases/tag/2.20.0", "https://nvd.nist.gov/vuln/detail/CVE-2026-4539", "https://vuldb.com/?ctiid.352327", "https://vuldb.com/?id.352327", "https://vuldb.com/?submit.774685", "https://www.cve.org/CVERecord?id=CVE-2026-4539" ], "PublishedDate": "2026-03-22T06:16:20.913Z", "LastModifiedDate": "2026-03-23T14:31:37.267Z" }, { "VulnerabilityID": "CVE-2026-22815", "VendorIDs": [ "GHSA-w2fm-2cpv-w7v5" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-22815", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:e297cb5a8fd78db1e9ad3bb29c1a40a1df63eabccc96ee4b5deb56e6c856a4ab", "Title": "aiohttp: AIOHTTP: Denial of Service via insufficient header/trailer handling", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-770" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-22815", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-w2fm-2cpv-w7v5", "https://nvd.nist.gov/vuln/detail/CVE-2026-22815", "https://www.cve.org/CVERecord?id=CVE-2026-22815" ], "PublishedDate": "2026-04-01T21:16:58.513Z", "LastModifiedDate": "2026-04-04T04:17:11.5Z" }, { "VulnerabilityID": "CVE-2026-34515", "VendorIDs": [ "GHSA-p998-jp59-783m" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34515", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:aa0ff32af4423f451a9b5ca9ffda6e685d476c23cfcad9f23218d016963c6ee4", "Title": "aiohttp: AIOHTTP: Information disclosure via static resource handler on Windows", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may expose information about a NTLMv2 remote path. This issue has been patched in version 3.13.4.", "Severity": "MEDIUM", "CweIDs": [ "CWE-36", "CWE-918" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 6.6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34515", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/0ae2aa076c84573df83fc1fdc39eec0f5862fe3d", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-p998-jp59-783m", "https://nvd.nist.gov/vuln/detail/CVE-2026-34515", "https://www.cve.org/CVERecord?id=CVE-2026-34515" ], "PublishedDate": "2026-04-01T21:16:59.57Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34516", "VendorIDs": [ "GHSA-m5qp-6w8w-w647" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34516", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:866e8a4d5186c80beaf50090938ccce515a3aaa37fd8a0f3288f6eb882018131", "Title": "aiohttp: AIOHTTP: Denial of Service via excessive multipart headers", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, a response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability. This issue has been patched in version 3.13.4.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U", "V40Score": 6.6 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34516", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-m5qp-6w8w-w647", "https://nvd.nist.gov/vuln/detail/CVE-2026-34516", "https://www.cve.org/CVERecord?id=CVE-2026-34516" ], "PublishedDate": "2026-04-01T21:16:59.723Z", "LastModifiedDate": "2026-04-04T04:17:20.147Z" }, { "VulnerabilityID": "CVE-2026-34525", "VendorIDs": [ "GHSA-c427-h43c-vf67" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34525", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:e84f570f991af8f81da0073310141adbbe376c44e2bb855e226ffeb8826b2695", "Title": "aiohttp: aiohttp: Security bypass via multiple Host headers", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20", "CWE-444" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N", "V40Score": 6.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", "V3Score": 5.4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34525", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000", "https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67", "https://nvd.nist.gov/vuln/detail/CVE-2026-34525", "https://www.cve.org/CVERecord?id=CVE-2026-34525" ], "PublishedDate": "2026-04-01T21:17:00.49Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34513", "VendorIDs": [ "GHSA-hcc4-c3v8-rx92" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34513", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:96526097b9e565fbcbf5ef8c916c84641b20edb5fca07d11d43577d13d9175e1", "Title": "aiohttp: AIOHTTP: Denial of Service due to unbounded DNS cache", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34513", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-hcc4-c3v8-rx92", "https://nvd.nist.gov/vuln/detail/CVE-2026-34513", "https://www.cve.org/CVERecord?id=CVE-2026-34513" ], "PublishedDate": "2026-04-01T21:16:59.267Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34514", "VendorIDs": [ "GHSA-2vrm-gr82-f7m5" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34514", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:e702c6a7f468a334f650f8b9550cb73a6231ea5b2f4a9cfd8d21e0428e1a106a", "Title": "aiohttp: AIOHTTP: Header Injection via content_type parameter manipulation", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the content_type parameter in aiohttp could use this to inject extra headers or similar exploits. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-113" ], "VendorSeverity": { "ghsa": 1, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34514", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-2vrm-gr82-f7m5", "https://nvd.nist.gov/vuln/detail/CVE-2026-34514", "https://www.cve.org/CVERecord?id=CVE-2026-34514" ], "PublishedDate": "2026-04-01T21:16:59.417Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34517", "VendorIDs": [ "GHSA-3wq7-rqq7-wx6j" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34517", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:a54f789989605bca58808a5eb74e695bddcaf31106f6193215b12e8ab415dc30", "Title": "aiohttp: AIOHTTP: Denial of Service via large multipart form fields", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire field into memory before checking client_max_size. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34517", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-3wq7-rqq7-wx6j", "https://nvd.nist.gov/vuln/detail/CVE-2026-34517", "https://www.cve.org/CVERecord?id=CVE-2026-34517" ], "PublishedDate": "2026-04-01T21:16:59.87Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34518", "VendorIDs": [ "GHSA-966j-vmvw-g2g9" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34518", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:17f8068b71428244ee87fc4bd501180d108baf2d9105f003b3bb86d35173ad70", "Title": "aiohttp: AIOHTTP: Information disclosure via retained Cookie and Proxy-Authorization headers during redirects", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different origin, aiohttp drops the Authorization header, but retains the Cookie and Proxy-Authorization headers. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-200" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34518", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-966j-vmvw-g2g9", "https://nvd.nist.gov/vuln/detail/CVE-2026-34518", "https://www.cve.org/CVERecord?id=CVE-2026-34518" ], "PublishedDate": "2026-04-01T21:17:00.02Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34519", "VendorIDs": [ "GHSA-mwh4-6h8g-pg8w" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34519", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:c677ff157a1bb25fab314b79823db49eca07785b4ab4ea1dd8c7d70fb78e8fe3", "Title": "aiohttp: aiohttp: Header injection vulnerability via reason parameter", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter when creating a Response may be able to inject extra headers or similar exploits. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-113" ], "VendorSeverity": { "ghsa": 1, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34519", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mwh4-6h8g-pg8w", "https://nvd.nist.gov/vuln/detail/CVE-2026-34519", "https://www.cve.org/CVERecord?id=CVE-2026-34519" ], "PublishedDate": "2026-04-01T21:17:00.17Z", "LastModifiedDate": "2026-04-03T16:10:52.68Z" }, { "VulnerabilityID": "CVE-2026-34520", "VendorIDs": [ "GHSA-63hf-3vf5-4wqf" ], "PkgID": "aiohttp@3.13.3", "PkgName": "aiohttp", "PkgPath": "usr/lib/python3.13/site-packages/aiohttp-3.13.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/aiohttp@3.13.3", "UID": "5abcfc8ae0dafb27", "BOMRef": "pkg:pypi/aiohttp@3.13.3" }, "InstalledVersion": "3.13.3", "FixedVersion": "3.13.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34520", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:0770c420fed18efd646b9b1025c31ad6b249ef4b7310b4e44012f102049b74b9", "Title": "aiohttp: AIOHTTP: Header injection vulnerability due to improper character handling", "Description": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4.", "Severity": "LOW", "CweIDs": [ "CWE-113" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 2.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34520", "https://github.com/aio-libs/aiohttp", "https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4", "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4", "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-63hf-3vf5-4wqf", "https://nvd.nist.gov/vuln/detail/CVE-2026-34520", "https://www.cve.org/CVERecord?id=CVE-2026-34520" ], "PublishedDate": "2026-04-01T21:17:00.333Z", "LastModifiedDate": "2026-04-04T04:17:20.773Z" }, { "VulnerabilityID": "CVE-2026-34073", "VendorIDs": [ "GHSA-m959-cc7f-wv43" ], "PkgID": "cryptography@46.0.5", "PkgName": "cryptography", "PkgPath": "usr/lib/python3.13/site-packages/cryptography-46.0.5.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/cryptography@46.0.5", "UID": "30400e84e7b8acf7", "BOMRef": "pkg:pypi/cryptography@46.0.5" }, "InstalledVersion": "46.0.5", "FixedVersion": "46.0.6", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-34073", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:a0a15bf12f7993f9515806d984f1ae6b5269b33fee66ade32b33b7c56ca46249", "Title": "cryptography: python: Cryptography: Security bypass due to improper DNS name constraint validation", "Description": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the \"peer name\" presented during each validation. Consequently, cryptography would allow a peer named bar.example.com to validate against a wildcard leaf certificate for *.example.com, even if the leaf's parent certificate (or upwards) contained an excluded subtree constraint for bar.example.com. This issue has been patched in version 46.0.6.", "Severity": "LOW", "CweIDs": [ "CWE-295" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", "V40Score": 1.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-34073", "https://github.com/pyca/cryptography", "https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43", "https://nvd.nist.gov/vuln/detail/CVE-2026-34073", "https://www.cve.org/CVERecord?id=CVE-2026-34073" ], "PublishedDate": "2026-03-31T03:15:59.123Z", "LastModifiedDate": "2026-04-01T14:24:02.583Z" }, { "VulnerabilityID": "CVE-2026-35030", "VendorIDs": [ "GHSA-jjhc-v7c2-5hh6" ], "PkgID": "litellm@1.81.15", "PkgName": "litellm", "PkgPath": "usr/lib/python3.13/site-packages/litellm-1.81.15.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/litellm@1.81.15", "UID": "2637be1bcc47612", "BOMRef": "pkg:pypi/litellm@1.81.15" }, "InstalledVersion": "1.81.15", "FixedVersion": "1.83.0", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-35030", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:4c271c3bffa665d3dd647bb9e5e819c137940df7766a6d9087242ac625326032", "Title": "LiteLLM: Authentication bypass via OIDC userinfo cache key collision", "Description": "### Impact\n\nWhen JWT authentication is enabled (`enable_jwt_auth: true`), the OIDC userinfo cache uses `token[:20]` as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters.\n\nThis configuration option is not enabled by default. **Most instances are not affected.**\n\nAn unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled.\n\n### Patches\n\nFixed in v1.83.0. The cache key now uses the full hash of the JWT token.\n\n### Workarounds\n\nDisable OIDC userinfo caching by setting the cache TTL to 0, or disable JWT authentication entirely.", "Severity": "CRITICAL", "VendorSeverity": { "ghsa": 4 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N", "V40Score": 9.4 } }, "References": [ "https://github.com/BerriAI/litellm", "https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6" ] }, { "VulnerabilityID": "CVE-2026-35029", "VendorIDs": [ "GHSA-53mr-6c8q-9789" ], "PkgID": "litellm@1.81.15", "PkgName": "litellm", "PkgPath": "usr/lib/python3.13/site-packages/litellm-1.81.15.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/litellm@1.81.15", "UID": "2637be1bcc47612", "BOMRef": "pkg:pypi/litellm@1.81.15" }, "InstalledVersion": "1.81.15", "FixedVersion": "1.83.0", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-35029", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:998291311a0674b4f4105004d88662599a63d2d042ac9839247fc197329f39c0", "Title": "LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint", "Description": "### Impact\n\nThe `/config/update endpoint` does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to do the following:\n\n - Modify proxy configuration and environment variables\n - Register custom pass-through endpoint handlers pointing to attacker-controlled Python code, achieving remote code execution\n - Read arbitrary server files by setting UI_LOGO_PATH and fetching via /get_image\n - Take over other priveleged accounts by overwriting UI_USERNAME and UI_PASSWORD environment variables\n\n### Patches\n\nFixed in v1.83.0. The endpoint now requires `proxy_admin` role.\n\n### Workarounds\n\nRestrict API key distribution. There is no configuration-level workaround.", "Severity": "HIGH", "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N", "V40Score": 8.7 } }, "References": [ "https://github.com/BerriAI/litellm", "https://github.com/BerriAI/litellm/security/advisories/GHSA-53mr-6c8q-9789" ] }, { "VulnerabilityID": "CVE-2026-30922", "VendorIDs": [ "GHSA-jr27-m4p2-rc6r" ], "PkgID": "pyasn1@0.6.2", "PkgName": "pyasn1", "PkgPath": "usr/lib/python3.13/site-packages/pyasn1-0.6.2.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pyasn1@0.6.2", "UID": "97f0f328a8eac115", "BOMRef": "pkg:pypi/pyasn1@0.6.2" }, "InstalledVersion": "0.6.2", "FixedVersion": "0.6.3", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-30922", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:c8b01b67777a21a211fe112adb623397adbfa193f38a4aca319365ee454edac6", "Title": "pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion", "Description": "pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the `pyasn1` library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested `SEQUENCE` (`0x30`) or `SET` (`0x31`) tags with \"Indefinite Length\" (`0x80`) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a `RecursionError` or consumes all available memory (OOM), crashing the host application. This is a distinct vulnerability from CVE-2026-23490 (which addressed integer overflows in OID decoding). The fix for CVE-2026-23490 (`MAX_OID_ARC_CONTINUATION_OCTETS`) does not mitigate this recursion issue. Version 0.6.3 fixes this specific issue.", "Severity": "HIGH", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "amazon": 2, "cbl-mariner": 3, "ghsa": 3, "redhat": 3, "ubuntu": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "http://www.openwall.com/lists/oss-security/2026/03/20/4", "https://access.redhat.com/security/cve/CVE-2026-30922", "https://github.com/pyasn1/pyasn1", "https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0", "https://github.com/pyasn1/pyasn1/commit/5a49bd1fe93b5b866a1210f6bf0a3924f21572c8", "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.3", "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r", "https://nvd.nist.gov/vuln/detail/CVE-2026-30922", "https://ubuntu.com/security/notices/USN-8129-1", "https://ubuntu.com/security/notices/USN-8134-1", "https://www.cve.org/CVERecord?id=CVE-2026-30922" ], "PublishedDate": "2026-03-18T04:17:18.397Z", "LastModifiedDate": "2026-03-21T01:17:06.36Z" }, { "VulnerabilityID": "CVE-2026-28351", "VendorIDs": [ "GHSA-f2v5-7jq9-h8cg" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "1da241cf5a459789", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.7.4", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-28351", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:ac48f2ef3cb60607f6a86d9f0af7c00064a2adca351e02d2134eba250197a03b", "Title": "pypdf: pypdf: Denial of Service via crafted PDF with RunLengthDecode filter", "Description": "pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter. This has been fixed in pypdf 6.7.4. As a workaround, consider applying the changes from PR #3664.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-28351", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/commit/f309c6003746414dc7b5048c19e6d879ff2dc858", "https://github.com/py-pdf/pypdf/pull/3664", "https://github.com/py-pdf/pypdf/releases/tag/6.7.4", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-f2v5-7jq9-h8cg", "https://nvd.nist.gov/vuln/detail/CVE-2026-28351", "https://www.cve.org/CVERecord?id=CVE-2026-28351" ], "PublishedDate": "2026-02-27T21:16:19.177Z", "LastModifiedDate": "2026-03-03T18:36:06.29Z" }, { "VulnerabilityID": "CVE-2026-28804", "VendorIDs": [ "GHSA-9m86-7pmv-2852" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "1da241cf5a459789", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.7.5", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-28804", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:c5952a4d82e7840fff25510492a6dce34bb144a6867af4d09cf0ff5e70ef5c48", "Title": "pypdf: pypdf: Denial of Service via crafted PDF with ASCIIHexDecode filter", "Description": "pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5.", "Severity": "MEDIUM", "CweIDs": [ "CWE-407" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-28804", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/commit/648c627d2657447dfb1773412af05a0a5103b98f", "https://github.com/py-pdf/pypdf/pull/3666", "https://github.com/py-pdf/pypdf/releases/tag/6.7.5", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-9m86-7pmv-2852", "https://nvd.nist.gov/vuln/detail/CVE-2026-28804", "https://www.cve.org/CVERecord?id=CVE-2026-28804" ], "PublishedDate": "2026-03-06T07:16:01.22Z", "LastModifiedDate": "2026-03-10T19:39:37.18Z" }, { "VulnerabilityID": "CVE-2026-31826", "VendorIDs": [ "GHSA-hqmh-ppp3-xvm7" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "1da241cf5a459789", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.8.0", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31826", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:81625403112b52f962c9611c4094ee3a12ea5254189a0d6b2b3e0bbef46298c6", "Title": "pypdf: pypdf: Denial of Service due to excessive memory consumption via crafted PDF", "Description": "pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. This vulnerability is fixed in 6.8.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 6.8 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31826", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/commit/3c550b3196adeba1506a26e57c09c09fac75e9aa", "https://github.com/py-pdf/pypdf/pull/3675", "https://github.com/py-pdf/pypdf/releases/tag/6.8.0", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-hqmh-ppp3-xvm7", "https://nvd.nist.gov/vuln/detail/CVE-2026-31826", "https://www.cve.org/CVERecord?id=CVE-2026-31826" ], "PublishedDate": "2026-03-10T22:16:20.483Z", "LastModifiedDate": "2026-03-17T20:52:08.673Z" }, { "VulnerabilityID": "CVE-2026-33123", "VendorIDs": [ "GHSA-qpxp-75px-xjcp" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "1da241cf5a459789", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.9.1", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33123", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:51889af92828f06c19679b5b728f2b53ace48b55c79fc20e0fabcbb52bb33b32", "Title": "pypdf: pypdf: Denial of Service due to excessive resource consumption from crafted PDF", "Description": "pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400", "CWE-407" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 5.1 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "V3Score": 4.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33123", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/pull/3686", "https://github.com/py-pdf/pypdf/releases/tag/6.9.1", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-qpxp-75px-xjcp", "https://nvd.nist.gov/vuln/detail/CVE-2026-33123", "https://www.cve.org/CVERecord?id=CVE-2026-33123" ], "PublishedDate": "2026-03-20T10:16:18.717Z", "LastModifiedDate": "2026-03-23T15:48:01.007Z" }, { "VulnerabilityID": "CVE-2026-33699", "VendorIDs": [ "GHSA-87mj-5ggw-8qc3" ], "PkgID": "pypdf@6.7.3", "PkgName": "pypdf", "PkgPath": "usr/lib/python3.13/site-packages/pypdf-6.7.3.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/pypdf@6.7.3", "UID": "1da241cf5a459789", "BOMRef": "pkg:pypi/pypdf@6.7.3" }, "InstalledVersion": "6.7.3", "FixedVersion": "6.9.2", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-33699", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:57aa24bc99c31415a9c5a57bc1cb11b5699510fea029b341f5eb7b33dce258b9", "Title": "pypdf: pypdf: Denial of Service via crafted PDF in non-strict mode", "Description": "pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider applying the changes from the patch manually.", "Severity": "MEDIUM", "CweIDs": [ "CWE-835" ], "VendorSeverity": { "ghsa": 2, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U", "V40Score": 4.6 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-33699", "https://github.com/py-pdf/pypdf", "https://github.com/py-pdf/pypdf/pull/3693", "https://github.com/py-pdf/pypdf/releases/tag/6.9.2", "https://github.com/py-pdf/pypdf/security/advisories/GHSA-87mj-5ggw-8qc3", "https://nvd.nist.gov/vuln/detail/CVE-2026-33699", "https://www.cve.org/CVERecord?id=CVE-2026-33699" ], "PublishedDate": "2026-03-27T01:16:19.147Z", "LastModifiedDate": "2026-04-01T16:01:35.88Z" }, { "VulnerabilityID": "CVE-2026-25645", "VendorIDs": [ "GHSA-gc5v-m9x4-r6x2" ], "PkgID": "requests@2.32.5", "PkgName": "requests", "PkgPath": "usr/lib/python3.13/site-packages/requests-2.32.5.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/requests@2.32.5", "UID": "d8131c935eb477bd", "BOMRef": "pkg:pypi/requests@2.32.5" }, "InstalledVersion": "2.32.5", "FixedVersion": "2.33.0", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-25645", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:2b3005b07dc5a6b7e5412ddcf35545abddc5483e79b217a7af964879fbbeb4d4", "Title": "requests: Requests: Security bypass due to predictable temporary file creation", "Description": "Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker with write access to the temp directory could pre-create a malicious file that would be loaded in place of the legitimate one. Standard usage of the Requests library is not affected by this vulnerability. Only applications that call `extract_zipped_paths()` directly are impacted. Starting in version 2.33.0, the library extracts files to a non-deterministic location. If developers are unable to upgrade, they can set `TMPDIR` in their environment to a directory with restricted write access.", "Severity": "MEDIUM", "CweIDs": [ "CWE-377" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "V3Score": 4.4 }, "nvd": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "V3Score": 4.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-25645", "https://github.com/psf/requests", "https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7", "https://github.com/psf/requests/releases/tag/v2.33.0", "https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2", "https://nvd.nist.gov/vuln/detail/CVE-2026-25645", "https://www.cve.org/CVERecord?id=CVE-2026-25645" ], "PublishedDate": "2026-03-25T17:16:52.97Z", "LastModifiedDate": "2026-03-30T14:23:16.127Z" }, { "VulnerabilityID": "CVE-2026-31958", "VendorIDs": [ "GHSA-qjxf-f2mg-c6mc" ], "PkgID": "tornado@6.5.4", "PkgName": "tornado", "PkgPath": "usr/lib/python3.13/site-packages/tornado-6.5.4.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/tornado@6.5.4", "UID": "75f095e2019b1ccd", "BOMRef": "pkg:pypi/tornado@6.5.4" }, "InstalledVersion": "6.5.4", "FixedVersion": "6.5.5", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-31958", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:10b5831ac0a0f1c5feae09fe9ece4ce967a81416be39c47bd967452119025f77", "Title": "tornado-python: Tornado: Denial of Service via large multipart bodies", "Description": "Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the max_body_size setting (default 100MB). Since parsing occurs synchronously on the main thread, this creates the possibility of denial-of-service due to the cost of parsing very large multipart bodies with many parts. This vulnerability is fixed in 6.5.5.", "Severity": "HIGH", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "amazon": 3, "ghsa": 3, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-31958", "https://github.com/tornadoweb/tornado", "https://github.com/tornadoweb/tornado/commit/119a195e290c43ad2d63a2cf012c29d43d6ed839", "https://github.com/tornadoweb/tornado/releases/tag/v6.5.5", "https://github.com/tornadoweb/tornado/security/advisories/GHSA-qjxf-f2mg-c6mc", "https://lists.debian.org/debian-lts-announce/2026/04/msg00000.html", "https://nvd.nist.gov/vuln/detail/CVE-2026-31958", "https://www.cve.org/CVERecord?id=CVE-2026-31958" ], "PublishedDate": "2026-03-11T20:16:16.617Z", "LastModifiedDate": "2026-04-01T15:23:00.217Z" }, { "VulnerabilityID": "GHSA-78cv-mqj4-43f7", "PkgID": "tornado@6.5.4", "PkgName": "tornado", "PkgPath": "usr/lib/python3.13/site-packages/tornado-6.5.4.dist-info/METADATA", "PkgIdentifier": { "PURL": "pkg:pypi/tornado@6.5.4", "UID": "75f095e2019b1ccd", "BOMRef": "pkg:pypi/tornado@6.5.4" }, "InstalledVersion": "6.5.4", "FixedVersion": "6.5.5", "Status": "fixed", "Layer": { "Digest": "sha256:494ea04fb60e17000a47119a2b3e745b34cc0d8d0f4c35fea1ba36b7022682fd", "DiffID": "sha256:a4c30927e523c74dca99f4b31fadf1e2a334cf95d1305a8fe5d7e1f199a836e1" }, "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-78cv-mqj4-43f7", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory pip", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apip" }, "Fingerprint": "sha256:f1ac92fd089dcd90594868f05741f3d0f04d06b7805421f130ef6c9c03c5ab43", "Title": "Tornado has incomplete validation of cookie attributes", "Description": "Values passed to the `domain`, `path`, and `samesite` arguments of `RequestHandler.set_cookie` were not completely validated in versions of Tornado prior to 6.5.5. In particular, semicolons would be allowed, which could be used to inject attacker-controlled values for other cookie attributes.", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "V3Score": 5.4 } }, "References": [ "https://github.com/tornadoweb/tornado", "https://github.com/tornadoweb/tornado/commit/24a2d96ea115f663b223887deb0060f13974c104", "https://github.com/tornadoweb/tornado/releases/tag/v6.5.5", "https://github.com/tornadoweb/tornado/security/advisories/GHSA-78cv-mqj4-43f7" ], "PublishedDate": "2026-03-11T22:17:00Z", "LastModifiedDate": "2026-03-11T22:17:00Z" } ] } ] }