Tool Information
Name: SBOMHub
Website: https://sbomhub.app
Repository: https://github.com/youichi-uda/sbomhub
Description:
Open-source SBOM management dashboard with vulnerability tracking, VEX support, license compliance, and compliance scoring. Supports both CycloneDX (1.4-1.7) and SPDX (2.2-3.0) formats.
Category: Management / Analysis
Features:
- SBOM upload and parsing (CycloneDX, SPDX)
- Vulnerability tracking (NVD, JVN integration)
- VEX (Vulnerability Exploitability eXchange) support
- License compliance checking
- Compliance scoring for regulatory requirements
- REST API and CLI tool
- GitHub integration
Deployment:
License: AGPL-3.0
Standards Support:
- CycloneDX: 1.4, 1.5, 1.6, 1.7
- SPDX: 2.2, 2.3, 3.0
I would like to add SBOMHub to the SBOM Catalog. Please let me know if any additional information is needed.