Sunshine - SBOM visualization tool
Analyzed CycloneDX JSON file: sample.json
Summary
Components chart
Components table
This table visualizes components, their dependencies, vulnerabilities and licenses.
The colors of the elements in columns "Component", "Depends on" and "Dependency of" indicate the vulnerability status of the components:
- Dark red: affected by at least one critical severity vulnerability.
- Red: affected by at least one high severity vulnerability.
- Orange: affected by at least one medium severity vulnerability.
- Yellow: affected by at least one low severity vulnerability.
- Green: affected by at least one informational severity vulnerability.
- Light blue: not directly affected by vulnerabilities but has at least one vulnerable dependency.
- Grey: neither the component nor its dependencies are affected by any vulnerabilities.
The colors of the elements in columns "Direct vulnerabilities" and "Transitive vulnerabilities" indicate the severity of the vulnerabilities:
- Dark red: critical.
- Red: high.
- Orange: medium.
- Yellow:low.
- Green:informational.
Vulnerabilities table
This table focuses on vulnerabilities and shows the components that are affected either directly or transitively.
The colors of the elements in column "Vulnerability" indicate the severity of the vulnerabilities:
- Dark red: critical.
- Red: high.
- Orange: medium.
- Yellow:low.
- Green:informational.
The colors of the elements in columns "Directly vulnerable components" and "Transitively vulnerable components" indicate the vulnerability status of the components:
- Dark red: affected by at least one critical severity vulnerability.
- Red: affected by at least one high severity vulnerability.
- Orange: affected by at least one medium severity vulnerability.
- Yellow: affected by at least one low severity vulnerability.
- Green: affected by at least one informational severity vulnerability.
- Light blue: not directly affected by vulnerabilities but has at least one vulnerable dependency.