Skip to main content

One doc tagged with "spdx"

View all tags

SBOM & VEX Workflows

A Software Bill of Materials (SBOM) records the software components in a product or release. A Vulnerability Exploitability eXchange (VEX) record explains whether a known vulnerability in one of those components affects the product.