ABCDEFGHIJ
1
2
NOTE: This is a fictitious SBOM for a medical device. It is intended solely to illustrate how part of an SBOM might appear in spreadsheet format. It does not represent a real product or actual software components.
3
Purpose — SBOM is to contain: device manufacturer-developed components; third-party components (including purchased/licensed software and open-source software); and the upstream software dependencies that are required/depended upon by proprietary, purchased/licensed, and open-source software
4
Date/Time Last Updated: 3/21/2025 6:37
5
Unique IDNameVersionManufacturer / SupplierSoftware Level of Support / License infoEnd-of-support dateKnown VulnerabilitiesRelationshipSource Code Repo Tag
6
S1Customer Code 1 (Software Device)1CompanyN/A - Custom Code Created by CompanyN/A - Custom Code Created by CompanyNoneSW DeviceLink/Tag
7
S2Powershell5.1.17763.6530MicrosoftMicrosoft provides support for1/12/2027CVE-2024-38047: PowerShell Elevation of Privilege Vulnerability.Required supporting softwareN/A
8
PowerShell on aCVE-2024-38046: PowerShell Elevation of Privilege Vulnerability.
9
best-effort basisCVE-2024-38043: PowerShell Elevation of Privilege Vulnerability.
10
CVE-2024-38033: PowerShell Elevation of Privilege Vulnerability.
11
https://learn.microsoft.com/en-us/powershell/scripting/install/powershell-support-lifecycle?view=powershell-7.4CVE-2023-36013: PowerShell Information Disclosure Vulnerability.
12
CVE-2022-41076: PowerShell Remote Code Execution Vulnerability.
13
CVE-2022-26788: PowerShell Elevation of Privilege Vulnerability.
14
CVE-2021-41357: PowerShell Remote Code Execution Vulnerability.
15
CVE-2021-26701: PowerShell Remote Code Execution Vulnerability.
16
CVE-2020-16885: PowerShell Remote Code Execution Vulnerability.
17
S3ASP .NET Core8.0.10MicrosoftModern Lifecycle Policy5/12/2026CVE-2021-26701: .NET Core Remote Code Execution Vulnerability.Required supporting softwareN/A
18
CVE-2021-24112: .NET Core Remote Code Execution Vulnerability.
19
CVE-2022-41089: .NET Remote Code Execution Vulnerability.
20
CVE-2023-38180: .NET Denial of Service Vulnerability.
21
CVE-2023-36558: .NET Security Feature Bypass Vulnerability.
22
CVE-2024-38229: .NET Remote Code Execution Vulnerability.
23
CVE-2024-0056: .NET Information Disclosure Vulnerability.
24
CVE-2024-0057: .NET Security Feature Bypass Vulnerability.
25
CVE-2024-21319: .NET Denial of Service Vulnerability.
26
CVE-2024-43483: .NET and Visual Studio Denial of Service Vulnerability.
27
CVE-2024-43484: .NET and Visual Studio Denial of Service Vulnerability.
28
CVE-2024-43485: .NET and Visual Studio Denial of Service Vulnerability.
29