| A | B | C | D | E | F | G | H | I | J | |
|---|---|---|---|---|---|---|---|---|---|---|
1 | ||||||||||
2 | NOTE: This is a fictitious SBOM for a medical device. It is intended solely to illustrate how part of an SBOM might appear in spreadsheet format. It does not represent a real product or actual software components. | |||||||||
3 | Purpose — SBOM is to contain: device manufacturer-developed components; third-party components (including purchased/licensed software and open-source software); and the upstream software dependencies that are required/depended upon by proprietary, purchased/licensed, and open-source software | |||||||||
4 | Date/Time Last Updated: 3/21/2025 6:37 | |||||||||
5 | Unique ID | Name | Version | Manufacturer / Supplier | Software Level of Support / License info | End-of-support date | Known Vulnerabilities | Relationship | Source Code Repo Tag | |
6 | S1 | Customer Code 1 (Software Device) | 1 | Company | N/A - Custom Code Created by Company | N/A - Custom Code Created by Company | None | SW Device | Link/Tag | |
7 | S2 | Powershell | 5.1.17763.6530 | Microsoft | Microsoft provides support for | 1/12/2027 | CVE-2024-38047: PowerShell Elevation of Privilege Vulnerability. | Required supporting software | N/A | |
8 | PowerShell on a | CVE-2024-38046: PowerShell Elevation of Privilege Vulnerability. | ||||||||
9 | best-effort basis | CVE-2024-38043: PowerShell Elevation of Privilege Vulnerability. | ||||||||
10 | CVE-2024-38033: PowerShell Elevation of Privilege Vulnerability. | |||||||||
11 | https://learn.microsoft.com/en-us/powershell/scripting/install/powershell-support-lifecycle?view=powershell-7.4 | CVE-2023-36013: PowerShell Information Disclosure Vulnerability. | ||||||||
12 | CVE-2022-41076: PowerShell Remote Code Execution Vulnerability. | |||||||||
13 | CVE-2022-26788: PowerShell Elevation of Privilege Vulnerability. | |||||||||
14 | CVE-2021-41357: PowerShell Remote Code Execution Vulnerability. | |||||||||
15 | CVE-2021-26701: PowerShell Remote Code Execution Vulnerability. | |||||||||
16 | CVE-2020-16885: PowerShell Remote Code Execution Vulnerability. | |||||||||
17 | S3 | ASP .NET Core | 8.0.10 | Microsoft | Modern Lifecycle Policy | 5/12/2026 | CVE-2021-26701: .NET Core Remote Code Execution Vulnerability. | Required supporting software | N/A | |
18 | CVE-2021-24112: .NET Core Remote Code Execution Vulnerability. | |||||||||
19 | CVE-2022-41089: .NET Remote Code Execution Vulnerability. | |||||||||
20 | CVE-2023-38180: .NET Denial of Service Vulnerability. | |||||||||
21 | CVE-2023-36558: .NET Security Feature Bypass Vulnerability. | |||||||||
22 | CVE-2024-38229: .NET Remote Code Execution Vulnerability. | |||||||||
23 | CVE-2024-0056: .NET Information Disclosure Vulnerability. | |||||||||
24 | CVE-2024-0057: .NET Security Feature Bypass Vulnerability. | |||||||||
25 | CVE-2024-21319: .NET Denial of Service Vulnerability. | |||||||||
26 | CVE-2024-43483: .NET and Visual Studio Denial of Service Vulnerability. | |||||||||
27 | CVE-2024-43484: .NET and Visual Studio Denial of Service Vulnerability. | |||||||||
28 | CVE-2024-43485: .NET and Visual Studio Denial of Service Vulnerability. | |||||||||
29 | ||||||||||