Index page
Updated 2025-04-04 SBOM Central
The External Artifacts Index page displays all external artifacts ever managed by SBOM Central, unless they have been actively removed from the system. The list is sorted by inclusion date, with the most recent entries at the top.
If the user performs a search (filter), the table displays the results from the search.
Table description
| Header | Description |
|---|---|
| Name | Name of the artifact and link to the detailed artifact info , in package url format. About package url (external link). |
| Status | Artifact status described with a set of tags (see below). |
| Vulnerabilities | If vulnerability detected -> text/symbol indicating the most prioritized vulnerability for the artifact (see below). |
| Licenses | Licenses identified for the artifact. Light blue icon= approved, grey= to be analyzed/approved. |
| Weblink | Link to the source of the artifact. |
Artifact status
Status tags are generated using information provided by the Information Services: Health Service.
Each artifact may have a set of one or more of the following status tags.
- Latest stable version : The artifact is verified to be in its latest official release version available.
- Update available : Updates are available for the artifact. Read more.
- Update check disabled : The check is disabled.
- No data : Data cannot be automatically extracted from an online service/api.
- Aging : The latest version of the artifact is more than ~2.5 years old (default setting, may be modified).
- Old : The latest version of the artifact is more than ~5 years old (default setting, may be modified).
- Archived : The project providing the artifact has been set to Archived at the source.
- Manual : Data is manually set, no automatic updates.
- Unresolved : Data is automatically extracted but may have an ambiguous interpretation. Read more
Vulnerabilities are indicated with the status of the most prioritized vulnerability. The row may be expanded to a sub-table making all vulnerabilities visible with: identity, priority, date and analyzed.
Vulnerabilities sub-table description
| Header | Description |
|---|---|
| Identifier | Identity of the vulnerability and a link to detailed vulnerbility info. |
| Priority | Indicating the priority of the vulnerability. |
| Added date | Date when the vulnerability was added to the artifact. |
| Analyzed | A light blue icon is indicating that at least one analysis exists for the vulnerability. |
Filters
| Filter by | Description |
|---|---|
| Search | Search artifact name(s). |
| Type | Filter by type of artifact: Software, OS/Firmware, Hardware. |
| Package type | Filter by type of package e.g. generic, gem, npm, etc. |
| License approval | Filter on has approved, disapproved, etc. |
| License | Filter on has license/has no license |
| Vulnerability | Filter to show artifacts with vulnerabilities in different categories. |
| Status tags | Filter on a set of status tags. |