intel · terriko · Feb 18, 2025 · Feb 17, 2025
diff --git a/sbom/cve-bin-tool-py3.9.json b/sbom/cve-bin-tool-py3.9.json
@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:960aa9e5-24fb-4ac7-9ae3-a4d3cf1cf9bd",
+  "serialNumber": "urn:uuid:f58ce13f-e21a-43b6-81cc-1341081b3452",
   "version": 1,
   "metadata": {
-    "timestamp": "2025-02-10T00:37:25Z",
+    "timestamp": "2025-02-17T00:39:27Z",
     "lifecycles": [
       {
         "phase": "build"
@@ -1057,7 +1057,7 @@
       "type": "library",
       "bom-ref": "15-cvss",
       "name": "cvss",
-      "version": "3.3",
+      "version": "3.4",
       "supplier": {
         "name": "Stanislav Red Hat Product Security",
         "contact": [
@@ -1066,12 +1066,12 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.3:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.4:*:*:*:*:*:*:*",
       "description": "CVSS2/3/4 library with interactive calculator for Python 2 and Python 3",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "cc7326afc7585cc63d0a6ca74dab27d74aa2bc99f5f3d5d4bc4d94a3c22bc0a1"
+          "content": "d9950613758e60820f7fac37ca5f35158712f8f2ea4f6629858a60c4984fe4ef"
         }
       ],
       "licenses": [
@@ -1090,7 +1090,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/cvss/3.3/#files",
+          "url": "https://pypi.org/project/cvss/3.4/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -1111,11 +1111,11 @@
           "type": "build-system"
         }
       ],
-      "purl": "pkg:pypi/cvss@3.3",
+      "purl": "pkg:pypi/cvss@3.4",
       "properties": [
         {
           "name": "release_date",
-          "value": "2024-11-01T10:05:52Z"
+          "value": "2025-02-11T17:28:21Z"
         },
         {
           "name": "language",
@@ -4121,7 +4121,7 @@
       "type": "library",
       "bom-ref": "65-narwhals",
       "name": "narwhals",
-      "version": "1.25.2",
+      "version": "1.26.0",
       "supplier": {
         "name": "Marco Gorelli",
         "contact": [
@@ -4130,7 +4130,7 @@
           }
         ]
       },
-      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.25.2:*:*:*:*:*:*:*",
+      "cpe": "cpe:2.3:a:marco_gorelli:narwhals:1.26.0:*:*:*:*:*:*:*",
       "description": "Extremely lightweight compatibility layer between dataframe libraries",
       "externalReferences": [
         {
@@ -4139,7 +4139,7 @@
           "comment": "Home page for project"
         },
         {
-          "url": "https://pypi.org/project/narwhals/1.25.2/#files",
+          "url": "https://pypi.org/project/narwhals/1.26.0/#files",
           "type": "distribution",
           "comment": "Download location for component"
         },
@@ -4156,7 +4156,7 @@
           "type": "issue-tracker"
         }
       ],
-      "purl": "pkg:pypi/narwhals@1.25.2",
+      "purl": "pkg:pypi/narwhals@1.26.0",
       "properties": [
         {
           "name": "release_date",

diff --git a/sbom/cve-bin-tool-py3.9.spdx b/sbom/cve-bin-tool-py3.9.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
 DataLicense: CC0-1.0
 SPDXID: SPDXRef-DOCUMENT
 DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-bb6bc8d8-1a3d-4700-a61b-3bf7f1c09abe
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-eca82738-6747-42db-aa4f-91e447767b71
 LicenseListVersion: 3.25
 Creator: Tool: sbom4python-0.12.1
-Created: 2025-02-10T00:37:18Z
+Created: 2025-02-17T00:39:20Z
 CreatorComment: <text>This document has been automatically generated.</text>
 ##### 
 
@@ -335,25 +335,25 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
 
 PackageName: cvss
 SPDXID: SPDXRef-15-cvss
-PackageVersion: 3.3
+PackageVersion: 3.4
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Organization: Stanislav Red Hat Product Security ([email protected])
-PackageDownloadLocation: https://pypi.org/project/cvss/3.3/#files
+PackageDownloadLocation: https://pypi.org/project/cvss/3.4/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/RedHatProductSecurity/cvss
-PackageChecksum: SHA256: cc7326afc7585cc63d0a6ca74dab27d74aa2bc99f5f3d5d4bc4d94a3c22bc0a1
+PackageChecksum: SHA256: d9950613758e60820f7fac37ca5f35158712f8f2ea4f6629858a60c4984fe4ef
 PackageLicenseDeclared: NOASSERTION
 PackageLicenseConcluded: LGPL-3.0-or-later
 PackageLicenseComments: <text>cvss declares LGPLv3+ which is not currently a valid SPDX License identifier or expression.</text>
 PackageCopyrightText: NOASSERTION
 PackageSummary: <text>CVSS2/3/4 library with interactive calculator for Python 2 and Python 3</text>
-ReleaseDate: 2024-11-01T10:05:52Z
+ReleaseDate: 2025-02-11T17:28:21Z
 ExternalRef: OTHER other https://github.com/RedHatProductSecurity/cvss/releases
 ExternalRef: OTHER vcs https://github.com/RedHatProductSecurity/cvss
 ExternalRef: OTHER issue-tracker https://github.com/RedHatProductSecurity/cvss/issues
 ExternalRef: OTHER build-system https://github.com/RedHatProductSecurity/cvss/actions
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cvss@3.3
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.3:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/cvss@3.4
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.4:*:*:*:*:*:*:*
 ##### 
 
 PackageName: defusedxml
@@ -1355,10 +1355,10 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:chris_p:plotly:6.0.0:*:*:*:*:*:*:*
 
 PackageName: narwhals
 SPDXID: SPDXRef-65-narwhals
-PackageVersion: 1.25.2
+PackageVersion: 1.26.0
 PrimaryPackagePurpose: LIBRARY
 PackageSupplier: Person: Marco Gorelli ([email protected])
-PackageDownloadLocation: https://pypi.org/project/narwhals/1.25.2/#files
+PackageDownloadLocation: https://pypi.org/project/narwhals/1.26.0/#files
 FilesAnalyzed: false
 PackageHomePage: https://github.com/narwhals-dev/narwhals
 PackageLicenseDeclared: NOASSERTION
@@ -1369,8 +1369,8 @@ ReleaseDate: 2025-01-28T19:33:47Z
 ExternalRef: OTHER documentation https://narwhals-dev.github.io/narwhals/
 ExternalRef: OTHER vcs https://github.com/narwhals-dev/narwhals
 ExternalRef: OTHER issue-tracker https://github.com/narwhals-dev/narwhals/issues
-ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.25.2
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.25.2:*:*:*:*:*:*:*
+ExternalRef: PACKAGE-MANAGER purl pkg:pypi/narwhals@1.26.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:marco_gorelli:narwhals:1.26.0:*:*:*:*:*:*:*
 ##### 
 
 PackageName: requests