diff --git a/.github/actions/spelling/excludes.txt b/.github/actions/spelling/excludes.txt
index b01bd3f0c1..4c3141c371 100644
--- a/.github/actions/spelling/excludes.txt
+++ b/.github/actions/spelling/excludes.txt
@@ -1,2 +1,3 @@
 ^\.github/
 ^locales/
+^sbom/
diff --git a/doc/requirements.txt b/doc/requirements.txt
index 9a82cb3862..69edd6e496 100644
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@@ -1,6 +1,7 @@
-Sphinx==7.4.7
+Sphinx==8.0.2
 sphinx_markdown_tables
-myst_parser==3.0.1
+myst_parser==4.0.0
+sphinx-markdown-tables
 sbom2doc
 pillow>=10.3.0 # not directly required, pinned by Snyk to avoid a vulnerability
 requests>=2.32.2 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/sbom/sboms_for_humans/README.md b/sbom/sboms_for_humans/README.md
index 593cdbeb96..f058a56e66 100644
--- a/sbom/sboms_for_humans/README.md
+++ b/sbom/sboms_for_humans/README.md
@@ -11,3 +11,57 @@ To manually build human readable files:
 
 Generated human readable SBOMs:
 
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
+- [cve-bin-tool-py3.10](cve-bin-tool-py3.10.md)
+- [cve-bin-tool-py3.11](cve-bin-tool-py3.11.md)
+- [cve-bin-tool-py3.12](cve-bin-tool-py3.12.md)
+- [cve-bin-tool-py3.7](cve-bin-tool-py3.7.md)
+- [cve-bin-tool-py3.8](cve-bin-tool-py3.8.md)
+- [cve-bin-tool-py3.9](cve-bin-tool-py3.9.md)
diff --git a/sbom/sboms_for_humans/cve-bin-tool-py3.10.md b/sbom/sboms_for_humans/cve-bin-tool-py3.10.md
new file mode 100644
index 0000000000..b76e78f67f
--- /dev/null
+++ b/sbom/sboms_for_humans/cve-bin-tool-py3.10.md
@@ -0,0 +1,349 @@
+
+# SBOM Summary
+
+Item | Details
+| -------- | -------- 
+SBOM File | cve-bin-tool-py3.10.spdx
+SBOM Type | spdx
+Version | SPDX-2.3
+Name | Python-cve-bin-tool
+Creator | Tool:sbom4python-0.11.3
+Created | 2024-11-11T00:37:01Z
+Files | 0
+Packages | 74
+Relationships | 112
+Services | 0
+Vulnerabilities | 0
+
+# Package Summary
+
+Name | Version | Type | Supplier | License
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | APPLICATION | Terri Oda (terri.oda@intel.com) | GPL-3.0-or-later
+aiohttp | 3.10.10 | LIBRARY | NOASSERTION | Apache-2.0
+aiohappyeyeballs | 2.4.3 | LIBRARY | J. Nick Koston (nick@koston.org) | PSF-2.0
+aiosignal | 1.3.1 | LIBRARY | NOASSERTION | Apache-2.0
+frozenlist | 1.5.0 | LIBRARY | NOASSERTION | Apache-2.0
+async-timeout | 4.0.3 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+attrs | 24.2.0 | LIBRARY | Hynek Schlawack (hs@ox.cx) | NOASSERTION
+multidict | 6.1.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+typing-extensions | 4.12.2 | LIBRARY | Guido van Jukka ukasz Michael (levkivskyi@gmail.com) | NOASSERTION
+yarl | 1.17.1 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+idna | 3.10 | LIBRARY | Kim Davies (kim+pypi@gumleaf.org) | NOASSERTION
+propcache | 0.2.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+beautifulsoup4 | 4.12.3 | LIBRARY | Leonard Richardson (leonardr@segfault.org) | MIT
+soupsieve | 2.6 | LIBRARY | Isaac Muse (Isaac.Muse@gmail.com) | NOASSERTION
+cvss | 3.3 | LIBRARY | Stanislav Red Hat Product Security (skontar@redhat.com) | LGPL-3.0-or-later
+defusedxml | 0.7.1 | LIBRARY | Christian Heimes (christian@python.org) | PSF-2.0
+distro | 1.9.0 | LIBRARY | Nir Cohen (nir36g@gmail.com) | Apache-2.0
+filetype | 1.2.0 | LIBRARY | Tomas Aparicio (tomas@aparicio.me) | MIT
+gsutil | 5.31 | LIBRARY | Google Inc. (buganizer-system+187143@google.com) | Apache-2.0
+argcomplete | 3.5.1 | LIBRARY | Andrey Kislyuk (kislyuk@gmail.com) | Apache-2.0
+crcmod | 1.7 | LIBRARY | Ray Buvel (rlbuvel@gmail.com) | MIT
+fasteners | 0.19 | LIBRARY | Joshua Harlow | Apache-2.0
+gcs-oauth2-boto-plugin | 3.2 | LIBRARY | Google Inc. (gs-team@google.com) | Apache-2.0
+boto | 2.49.0 | LIBRARY | Mitch Garnaat (mitch@garnaat.com) | MIT
+google-auth | 2.17.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+cachetools | 5.5.0 | LIBRARY | Thomas Kemmer (tkemmer@computer.org) | MIT
+pyasn1-modules | 0.4.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-3-Clause
+pyasn1 | 0.6.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-2-Clause
+rsa | 4.7.2 | LIBRARY | Sybren A. Stuvel (sybren@stuvel.eu) | Apache-2.0
+six | 1.16.0 | LIBRARY | Benjamin Peterson (benjamin@python.org) | MIT
+google-auth-httplib2 | 0.2.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+httplib2 | 0.20.4 | LIBRARY | Joe Gregorio (joe@bitworking.org) | MIT
+pyparsing | 3.2.0 | LIBRARY | Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | NOASSERTION
+google-reauth | 0.1.1 | LIBRARY | Google (googleapis-publisher@google.com) | Apache-2.0
+pyu2f | 0.1.5 | LIBRARY | Google Inc. (pyu2f-team@google.com) | Apache-2.0
+oauth2client | 4.1.3 | LIBRARY | Google Inc. (jonwayne+oauth2client@google.com) | Apache-2.0
+pyopenssl | 24.2.1 | LIBRARY | The pyOpenSSL developers (cryptography-dev@python.org) | Apache-2.0
+cryptography | 43.0.3 | LIBRARY | The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | Apache-2.0 OR BSD-3-Clause
+cffi | 1.17.1 | LIBRARY | Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | MIT
+pycparser | 2.22 | LIBRARY | Eli Bendersky (eliben@gmail.com) | BSD-3-Clause
+retry-decorator | 1.1.1 | LIBRARY | Patrick Ng (pn.appdev@gmail.com) | MIT
+google-apitools | 0.5.32 | LIBRARY | Craig Citro (craigcitro@google.com) | Apache-2.0
+monotonic | 1.6 | LIBRARY | Ori Livneh (ori@wikimedia.org) | Apache-2.0
+jinja2 | 3.1.4 | LIBRARY | NOASSERTION | NOASSERTION
+markupsafe | 3.0.2 | LIBRARY | NOASSERTION | NOASSERTION
+jsonschema | 4.23.0 | LIBRARY | Julian Berman (Julian+jsonschema@GrayVines.com) | MIT
+jsonschema-specifications | 2024.10.1 | LIBRARY | Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | NOASSERTION
+referencing | 0.35.1 | LIBRARY | Julian Berman (Julian+referencing@GrayVines.com) | NOASSERTION
+rpds-py | 0.21.0 | LIBRARY | Julian Berman (Julian+rpds@GrayVines.com) | NOASSERTION
+lib4sbom | 0.7.5 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+pyyaml | 6.0.2 | LIBRARY | Kirill Simonov (xi@resolvent.net) | MIT
+semantic-version | 2.10.0 | LIBRARY | Raphael Barrois (raphael.barrois+semver@polytechnique.org) | BSD-3-Clause
+lib4vex | 0.2.0 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+csaf-tool | 0.3.2 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | MIT
+packageurl-python | 0.16.0 | LIBRARY | the purl authors | MIT
+rich | 13.9.4 | LIBRARY | Will McGugan (willmcgugan@gmail.com) | MIT
+markdown-it-py | 3.0.0 | LIBRARY | Chris Sewell (chrisj_sewell@hotmail.com) | NOASSERTION
+mdurl | 0.1.2 | LIBRARY | Taneli Hukkinen (hukkin@users.noreply.github.com) | NOASSERTION
+pygments | 2.18.0 | LIBRARY | Georg Brandl (georg@python.org) | BSD-2-Clause
+packaging | 24.2 | LIBRARY | Donald Stufft (donald@stufft.io) | NOASSERTION
+plotly | 5.24.1 | LIBRARY | Chris P (chris@plot.ly) | MIT
+tenacity | 9.0.0 | LIBRARY | Julien Danjou (julien@danjou.info) | Apache-2.0
+python-gnupg | 0.5.3 | LIBRARY | Vinay Sajip (vinay_sajip@yahoo.co.uk) | BSD-3-Clause
+requests | 2.32.3 | LIBRARY | Kenneth Reitz (me@kennethreitz.org) | Apache-2.0
+certifi | 2024.8.30 | LIBRARY | Kenneth Reitz (me@kennethreitz.com) | MPL-2.0
+charset-normalizer | 3.4.0 | LIBRARY | Ahmed TAHRI (tahri.ahmed@proton.me) | MIT
+urllib3 | 2.2.3 | LIBRARY | Andrey Petrov (andrey.petrov@shazow.net) | NOASSERTION
+rpmfile | 2.1.0 | LIBRARY | Sean Ross (srossross@gmail.com) | MIT
+setuptools | 75.3.0 | LIBRARY | Python Packaging Authority (distutils-sig@python.org) | NOASSERTION
+toml | 0.10.2 | LIBRARY | William Pearson (uiri@xqz.ca) | MIT
+xmlschema | 3.4.3 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+elementpath | 4.6.0 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+zipp | 3.21.0 | LIBRARY | Jason R. (jaraco@jaraco.com) | NOASSERTION
+zstandard | 0.23.0 | LIBRARY | Gregory Szorc (gregory.szorc@gmail.com) | BSD-3-Clause
+
+Name | Version | Ecosystem | Download | Copyright
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | pypi | https://pypi.org/project/cve-bin-tool/3.4/#files | NOASSERTION
+aiohttp | 3.10.10 | pypi | https://pypi.org/project/aiohttp/3.10.10/#files | NOASSERTION
+aiohappyeyeballs | 2.4.3 | pypi | https://pypi.org/project/aiohappyeyeballs/2.4.3/#files | NOASSERTION
+aiosignal | 1.3.1 | pypi | https://pypi.org/project/aiosignal/1.3.1/#files | NOASSERTION
+frozenlist | 1.5.0 | pypi | https://pypi.org/project/frozenlist/1.5.0/#files | NOASSERTION
+async-timeout | 4.0.3 | pypi | https://pypi.org/project/async-timeout/4.0.3/#files | NOASSERTION
+attrs | 24.2.0 | pypi | https://pypi.org/project/attrs/24.2.0/#files | NOASSERTION
+multidict | 6.1.0 | pypi | https://pypi.org/project/multidict/6.1.0/#files | NOASSERTION
+typing-extensions | 4.12.2 | pypi | https://pypi.org/project/typing-extensions/4.12.2/#files | NOASSERTION
+yarl | 1.17.1 | pypi | https://pypi.org/project/yarl/1.17.1/#files | NOASSERTION
+idna | 3.10 | pypi | https://pypi.org/project/idna/3.10/#files | NOASSERTION
+propcache | 0.2.0 | pypi | https://pypi.org/project/propcache/0.2.0/#files | NOASSERTION
+beautifulsoup4 | 4.12.3 | pypi | https://pypi.org/project/beautifulsoup4/4.12.3/#files | NOASSERTION
+soupsieve | 2.6 | pypi | https://pypi.org/project/soupsieve/2.6/#files | NOASSERTION
+cvss | 3.3 | pypi | https://pypi.org/project/cvss/3.3/#files | NOASSERTION
+defusedxml | 0.7.1 | pypi | https://pypi.org/project/defusedxml/0.7.1/#files | NOASSERTION
+distro | 1.9.0 | pypi | https://pypi.org/project/distro/1.9.0/#files | NOASSERTION
+filetype | 1.2.0 | pypi | https://pypi.org/project/filetype/1.2.0/#files | NOASSERTION
+gsutil | 5.31 | pypi | https://pypi.org/project/gsutil/5.31/#files | NOASSERTION
+argcomplete | 3.5.1 | pypi | https://pypi.org/project/argcomplete/3.5.1/#files | NOASSERTION
+crcmod | 1.7 | pypi | https://pypi.org/project/crcmod/1.7/#files | NOASSERTION
+fasteners | 0.19 | pypi | https://pypi.org/project/fasteners/0.19/#files | NOASSERTION
+gcs-oauth2-boto-plugin | 3.2 | pypi | https://pypi.org/project/gcs-oauth2-boto-plugin/3.2/#files | NOASSERTION
+boto | 2.49.0 | pypi | https://pypi.org/project/boto/2.49.0/#files | NOASSERTION
+google-auth | 2.17.0 | pypi | https://pypi.org/project/google-auth/2.17.0/#files | NOASSERTION
+cachetools | 5.5.0 | pypi | https://pypi.org/project/cachetools/5.5.0/#files | NOASSERTION
+pyasn1-modules | 0.4.1 | pypi | https://pypi.org/project/pyasn1-modules/0.4.1/#files | NOASSERTION
+pyasn1 | 0.6.1 | pypi | https://pypi.org/project/pyasn1/0.6.1/#files | NOASSERTION
+rsa | 4.7.2 | pypi | https://pypi.org/project/rsa/4.7.2/#files | NOASSERTION
+six | 1.16.0 | pypi | https://pypi.org/project/six/1.16.0/#files | NOASSERTION
+google-auth-httplib2 | 0.2.0 | pypi | https://pypi.org/project/google-auth-httplib2/0.2.0/#files | NOASSERTION
+httplib2 | 0.20.4 | pypi | https://pypi.org/project/httplib2/0.20.4/#files | NOASSERTION
+pyparsing | 3.2.0 | pypi | https://pypi.org/project/pyparsing/3.2.0/#files | NOASSERTION
+google-reauth | 0.1.1 | pypi | https://pypi.org/project/google-reauth/0.1.1/#files | NOASSERTION
+pyu2f | 0.1.5 | pypi | https://pypi.org/project/pyu2f/0.1.5/#files | NOASSERTION
+oauth2client | 4.1.3 | pypi | https://pypi.org/project/oauth2client/4.1.3/#files | NOASSERTION
+pyopenssl | 24.2.1 | pypi | https://pypi.org/project/pyopenssl/24.2.1/#files | NOASSERTION
+cryptography | 43.0.3 | pypi | https://pypi.org/project/cryptography/43.0.3/#files | NOASSERTION
+cffi | 1.17.1 | pypi | https://pypi.org/project/cffi/1.17.1/#files | NOASSERTION
+pycparser | 2.22 | pypi | https://pypi.org/project/pycparser/2.22/#files | NOASSERTION
+retry-decorator | 1.1.1 | pypi | https://pypi.org/project/retry-decorator/1.1.1/#files | NOASSERTION
+google-apitools | 0.5.32 | pypi | https://pypi.org/project/google-apitools/0.5.32/#files | NOASSERTION
+monotonic | 1.6 | pypi | https://pypi.org/project/monotonic/1.6/#files | NOASSERTION
+jinja2 | 3.1.4 | pypi | https://pypi.org/project/jinja2/3.1.4/#files | NOASSERTION
+markupsafe | 3.0.2 | pypi | https://pypi.org/project/markupsafe/3.0.2/#files | NOASSERTION
+jsonschema | 4.23.0 | pypi | https://pypi.org/project/jsonschema/4.23.0/#files | NOASSERTION
+jsonschema-specifications | 2024.10.1 | pypi | https://pypi.org/project/jsonschema-specifications/2024.10.1/#files | NOASSERTION
+referencing | 0.35.1 | pypi | https://pypi.org/project/referencing/0.35.1/#files | NOASSERTION
+rpds-py | 0.21.0 | pypi | https://pypi.org/project/rpds-py/0.21.0/#files | NOASSERTION
+lib4sbom | 0.7.5 | pypi | https://pypi.org/project/lib4sbom/0.7.5/#files | NOASSERTION
+pyyaml | 6.0.2 | pypi | https://pypi.org/project/pyyaml/6.0.2/#files | NOASSERTION
+semantic-version | 2.10.0 | pypi | https://pypi.org/project/semantic-version/2.10.0/#files | NOASSERTION
+lib4vex | 0.2.0 | pypi | https://pypi.org/project/lib4vex/0.2.0/#files | NOASSERTION
+csaf-tool | 0.3.2 | pypi | https://pypi.org/project/csaf-tool/0.3.2/#files | NOASSERTION
+packageurl-python | 0.16.0 | pypi | https://pypi.org/project/packageurl-python/0.16.0/#files | NOASSERTION
+rich | 13.9.4 | pypi | https://pypi.org/project/rich/13.9.4/#files | NOASSERTION
+markdown-it-py | 3.0.0 | pypi | https://pypi.org/project/markdown-it-py/3.0.0/#files | NOASSERTION
+mdurl | 0.1.2 | pypi | https://pypi.org/project/mdurl/0.1.2/#files | NOASSERTION
+pygments | 2.18.0 | pypi | https://pypi.org/project/pygments/2.18.0/#files | NOASSERTION
+packaging | 24.2 | pypi | https://pypi.org/project/packaging/24.2/#files | NOASSERTION
+plotly | 5.24.1 | pypi | https://pypi.org/project/plotly/5.24.1/#files | NOASSERTION
+tenacity | 9.0.0 | pypi | https://pypi.org/project/tenacity/9.0.0/#files | NOASSERTION
+python-gnupg | 0.5.3 | pypi | https://pypi.org/project/python-gnupg/0.5.3/#files | NOASSERTION
+requests | 2.32.3 | pypi | https://pypi.org/project/requests/2.32.3/#files | NOASSERTION
+certifi | 2024.8.30 | pypi | https://pypi.org/project/certifi/2024.8.30/#files | NOASSERTION
+charset-normalizer | 3.4.0 | pypi | https://pypi.org/project/charset-normalizer/3.4.0/#files | NOASSERTION
+urllib3 | 2.2.3 | pypi | https://pypi.org/project/urllib3/2.2.3/#files | NOASSERTION
+rpmfile | 2.1.0 | pypi | https://pypi.org/project/rpmfile/2.1.0/#files | NOASSERTION
+setuptools | 75.3.0 | pypi | https://pypi.org/project/setuptools/75.3.0/#files | NOASSERTION
+toml | 0.10.2 | pypi | https://pypi.org/project/toml/0.10.2/#files | NOASSERTION
+xmlschema | 3.4.3 | pypi | https://pypi.org/project/xmlschema/3.4.3/#files | NOASSERTION
+elementpath | 4.6.0 | pypi | https://pypi.org/project/elementpath/4.6.0/#files | NOASSERTION
+zipp | 3.21.0 | pypi | https://pypi.org/project/zipp/3.21.0/#files | NOASSERTION
+zstandard | 0.23.0 | pypi | https://pypi.org/project/zstandard/0.23.0/#files | NOASSERTION
+
+Name | PURL | CPE
+| -------- | -------- | -------- 
+cve-bin-tool | pkg:pypi/cve-bin-tool@3.4 | cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*:*
+aiohttp | pkg:pypi/aiohttp@3.10.10 | 
+aiohappyeyeballs | pkg:pypi/aiohappyeyeballs@2.4.3 | cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.3:*:*:*:*:*:*:*
+aiosignal | pkg:pypi/aiosignal@1.3.1 | 
+frozenlist | pkg:pypi/frozenlist@1.5.0 | 
+async-timeout | pkg:pypi/async-timeout@4.0.3 | cpe:2.3:a:andrew_svetlov:async-timeout:4.0.3:*:*:*:*:*:*:*
+attrs | pkg:pypi/attrs@24.2.0 | cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:*:*:*
+multidict | pkg:pypi/multidict@6.1.0 | cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*
+typing-extensions | pkg:pypi/typing-extensions@4.12.2 | cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.12.2:*:*:*:*:*:*:*
+yarl | pkg:pypi/yarl@1.17.1 | cpe:2.3:a:andrew_svetlov:yarl:1.17.1:*:*:*:*:*:*:*
+idna | pkg:pypi/idna@3.10 | cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
+propcache | pkg:pypi/propcache@0.2.0 | cpe:2.3:a:andrew_svetlov:propcache:0.2.0:*:*:*:*:*:*:*
+beautifulsoup4 | pkg:pypi/beautifulsoup4@4.12.3 | cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*
+soupsieve | pkg:pypi/soupsieve@2.6 | cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
+cvss | pkg:pypi/cvss@3.3 | cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.3:*:*:*:*:*:*:*
+defusedxml | pkg:pypi/defusedxml@0.7.1 | cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:*:*:*:*:*
+distro | pkg:pypi/distro@1.9.0 | cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
+filetype | pkg:pypi/filetype@1.2.0 | cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:*:*:*
+gsutil | pkg:pypi/gsutil@5.31 | cpe:2.3:a:google_inc.:gsutil:5.31:*:*:*:*:*:*:*
+argcomplete | pkg:pypi/argcomplete@3.5.1 | cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.1:*:*:*:*:*:*:*
+crcmod | pkg:pypi/crcmod@1.7 | cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
+fasteners | pkg:pypi/fasteners@0.19 | cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*:*:*
+gcs-oauth2-boto-plugin | pkg:pypi/gcs-oauth2-boto-plugin@3.2 | cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2:*:*:*:*:*:*:*
+boto | pkg:pypi/boto@2.49.0 | cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:*
+google-auth | pkg:pypi/google-auth@2.17.0 | cpe:2.3:a:google_cloud_platform:google-auth:2.17.0:*:*:*:*:*:*:*
+cachetools | pkg:pypi/cachetools@5.5.0 | cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*
+pyasn1-modules | pkg:pypi/pyasn1-modules@0.4.1 | cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*
+pyasn1 | pkg:pypi/pyasn1@0.6.1 | cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*
+rsa | pkg:pypi/rsa@4.7.2 | cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*:*
+six | pkg:pypi/six@1.16.0 | cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*:*:*
+google-auth-httplib2 | pkg:pypi/google-auth-httplib2@0.2.0 | cpe:2.3:a:google_cloud_platform:google-auth-httplib2:0.2.0:*:*:*:*:*:*:*
+httplib2 | pkg:pypi/httplib2@0.20.4 | cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*:*:*
+pyparsing | pkg:pypi/pyparsing@3.2.0 | cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*
+google-reauth | pkg:pypi/google-reauth@0.1.1 | cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*:*
+pyu2f | pkg:pypi/pyu2f@0.1.5 | cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
+oauth2client | pkg:pypi/oauth2client@4.1.3 | cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*:*:*:*
+pyopenssl | pkg:pypi/pyopenssl@24.2.1 | cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.2.1:*:*:*:*:*:*:*
+cryptography | pkg:pypi/cryptography@43.0.3 | cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*
+cffi | pkg:pypi/cffi@1.17.1 | cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:*:*:*:*:*:*:*
+pycparser | pkg:pypi/pycparser@2.22 | cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:*:*:*
+retry-decorator | pkg:pypi/retry-decorator@1.1.1 | cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*:*:*:*:*
+google-apitools | pkg:pypi/google-apitools@0.5.32 | cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*:*:*:*:*:*
+monotonic | pkg:pypi/monotonic@1.6 | cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
+jinja2 | pkg:pypi/jinja2@3.1.4 | 
+markupsafe | pkg:pypi/markupsafe@3.0.2 | 
+jsonschema | pkg:pypi/jsonschema@4.23.0 | cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:*:*:*:*
+jsonschema-specifications | pkg:pypi/jsonschema-specifications@2024.10.1 | cpe:2.3:a:julian_berman:jsonschema-specifications:2024.10.1:*:*:*:*:*:*:*
+referencing | pkg:pypi/referencing@0.35.1 | cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*:*:*:*:*
+rpds-py | pkg:pypi/rpds-py@0.21.0 | cpe:2.3:a:julian_berman:rpds-py:0.21.0:*:*:*:*:*:*:*
+lib4sbom | pkg:pypi/lib4sbom@0.7.5 | cpe:2.3:a:anthony_harrison:lib4sbom:0.7.5:*:*:*:*:*:*:*
+pyyaml | pkg:pypi/pyyaml@6.0.2 | cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*:*:*
+semantic-version | pkg:pypi/semantic-version@2.10.0 | cpe:2.3:a:raphael_barrois:semantic-version:2.10.0:*:*:*:*:*:*:*
+lib4vex | pkg:pypi/lib4vex@0.2.0 | cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*
+csaf-tool | pkg:pypi/csaf-tool@0.3.2 | cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:*:*:*:*:*
+packageurl-python | pkg:pypi/packageurl-python@0.16.0 | cpe:2.3:a:the_purl_authors:packageurl-python:0.16.0:*:*:*:*:*:*:*
+rich | pkg:pypi/rich@13.9.4 | cpe:2.3:a:will_mcgugan:rich:13.9.4:*:*:*:*:*:*:*
+markdown-it-py | pkg:pypi/markdown-it-py@3.0.0 | cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:*:*:*:*:*
+mdurl | pkg:pypi/mdurl@0.1.2 | cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:*:*
+pygments | pkg:pypi/pygments@2.18.0 | cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*:*:*
+packaging | pkg:pypi/packaging@24.2 | cpe:2.3:a:donald_stufft:packaging:24.2:*:*:*:*:*:*:*
+plotly | pkg:pypi/plotly@5.24.1 | cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
+tenacity | pkg:pypi/tenacity@9.0.0 | cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*
+python-gnupg | pkg:pypi/python-gnupg@0.5.3 | cpe:2.3:a:vinay_sajip:python-gnupg:0.5.3:*:*:*:*:*:*:*
+requests | pkg:pypi/requests@2.32.3 | cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*:*:*:*
+certifi | pkg:pypi/certifi@2024.8.30 | cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*:*:*:*:*
+charset-normalizer | pkg:pypi/charset-normalizer@3.4.0 | cpe:2.3:a:ahmed_tahri:charset-normalizer:3.4.0:*:*:*:*:*:*:*
+urllib3 | pkg:pypi/urllib3@2.2.3 | cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*
+rpmfile | pkg:pypi/rpmfile@2.1.0 | cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
+setuptools | pkg:pypi/setuptools@75.3.0 | cpe:2.3:a:python_packaging_authority:setuptools:75.3.0:*:*:*:*:*:*:*
+toml | pkg:pypi/toml@0.10.2 | cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:*:*
+xmlschema | pkg:pypi/xmlschema@3.4.3 | cpe:2.3:a:davide_brunato:xmlschema:3.4.3:*:*:*:*:*:*:*
+elementpath | pkg:pypi/elementpath@4.6.0 | cpe:2.3:a:davide_brunato:elementpath:4.6.0:*:*:*:*:*:*:*
+zipp | pkg:pypi/zipp@3.21.0 | cpe:2.3:a:jason_r.:zipp:3.21.0:*:*:*:*:*:*:*
+zstandard | pkg:pypi/zstandard@0.23.0 | cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*:*:*:*
+
+# Component Type Summary
+
+Type | Count
+| -------- | -------- 
+APPLICATION | 1
+LIBRARY | 73
+
+# License Summary
+
+License | Count
+| -------- | -------- 
+Apache-2.0 | 25
+Apache-2.0 OR BSD-3-Clause | 1
+BSD-2-Clause | 2
+BSD-3-Clause | 5
+GPL-3.0-or-later | 1
+LGPL-3.0-or-later | 1
+MIT | 20
+MPL-2.0 | 1
+NOASSERTION | 16
+PSF-2.0 | 2
+
+# Supplier Summary
+
+Supplier | Count
+| -------- | -------- 
+Ahmed TAHRI (tahri.ahmed@proton.me) | 1
+Andrew Svetlov (andrew.svetlov@gmail.com) | 4
+Andrey Kislyuk (kislyuk@gmail.com) | 1
+Andrey Petrov (andrey.petrov@shazow.net) | 1
+Anthony Harrison (anthony.p.harrison@gmail.com) | 3
+Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | 1
+Benjamin Peterson (benjamin@python.org) | 1
+Chris P (chris@plot.ly) | 1
+Chris Sewell (chrisj_sewell@hotmail.com) | 1
+Christian Heimes (christian@python.org) | 1
+Craig Citro (craigcitro@google.com) | 1
+Davide Brunato (brunato@sissa.it) | 2
+Donald Stufft (donald@stufft.io) | 1
+Eli Bendersky (eliben@gmail.com) | 1
+Georg Brandl (georg@python.org) | 1
+Google (googleapis-publisher@google.com) | 1
+Google Cloud Platform (googleapis-packages@google.com) | 2
+Google Inc. (buganizer-system+187143@google.com) | 1
+Google Inc. (gs-team@google.com) | 1
+Google Inc. (jonwayne+oauth2client@google.com) | 1
+Google Inc. (pyu2f-team@google.com) | 1
+Gregory Szorc (gregory.szorc@gmail.com) | 1
+Guido van Jukka ukasz Michael (levkivskyi@gmail.com) | 1
+Hynek Schlawack (hs@ox.cx) | 1
+Ilya Etingof (etingof@gmail.com) | 2
+Isaac Muse (Isaac.Muse@gmail.com) | 1
+J. Nick Koston (nick@koston.org) | 1
+Jason R. (jaraco@jaraco.com) | 1
+Joe Gregorio (joe@bitworking.org) | 1
+Joshua Harlow | 1
+Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | 1
+Julian Berman (Julian+jsonschema@GrayVines.com) | 1
+Julian Berman (Julian+referencing@GrayVines.com) | 1
+Julian Berman (Julian+rpds@GrayVines.com) | 1
+Julien Danjou (julien@danjou.info) | 1
+Kenneth Reitz (me@kennethreitz.com) | 1
+Kenneth Reitz (me@kennethreitz.org) | 1
+Kim Davies (kim+pypi@gumleaf.org) | 1
+Kirill Simonov (xi@resolvent.net) | 1
+Leonard Richardson (leonardr@segfault.org) | 1
+Mitch Garnaat (mitch@garnaat.com) | 1
+NOASSERTION | 5
+Nir Cohen (nir36g@gmail.com) | 1
+Ori Livneh (ori@wikimedia.org) | 1
+Patrick Ng (pn.appdev@gmail.com) | 1
+Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | 1
+Python Packaging Authority (distutils-sig@python.org) | 1
+Raphael Barrois (raphael.barrois+semver@polytechnique.org) | 1
+Ray Buvel (rlbuvel@gmail.com) | 1
+Sean Ross (srossross@gmail.com) | 1
+Stanislav Red Hat Product Security (skontar@redhat.com) | 1
+Sybren A. Stuvel (sybren@stuvel.eu) | 1
+Taneli Hukkinen (hukkin@users.noreply.github.com) | 1
+Terri Oda (terri.oda@intel.com) | 1
+The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | 1
+The pyOpenSSL developers (cryptography-dev@python.org) | 1
+Thomas Kemmer (tkemmer@computer.org) | 1
+Tomas Aparicio (tomas@aparicio.me) | 1
+Vinay Sajip (vinay_sajip@yahoo.co.uk) | 1
+Will McGugan (willmcgugan@gmail.com) | 1
+William Pearson (uiri@xqz.ca) | 1
+the purl authors | 1
+
+# NTIA Summary
+
+Element | Status
+| -------- | -------- 
+All file information provided? | True
+All package information provided? | False
+Creator identified? | True
+Creation time identified? | True
+Dependency relationships provided? | True
+NTIA conformant False
diff --git a/sbom/sboms_for_humans/cve-bin-tool-py3.11.md b/sbom/sboms_for_humans/cve-bin-tool-py3.11.md
new file mode 100644
index 0000000000..19d775f3aa
--- /dev/null
+++ b/sbom/sboms_for_humans/cve-bin-tool-py3.11.md
@@ -0,0 +1,338 @@
+
+# SBOM Summary
+
+Item | Details
+| -------- | -------- 
+SBOM File | cve-bin-tool-py3.11.spdx
+SBOM Type | spdx
+Version | SPDX-2.3
+Name | Python-cve-bin-tool
+Creator | Tool:sbom4python-0.11.3
+Created | 2024-11-11T00:37:01Z
+Files | 0
+Packages | 71
+Relationships | 108
+Services | 0
+Vulnerabilities | 0
+
+# Package Summary
+
+Name | Version | Type | Supplier | License
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | APPLICATION | Terri Oda (terri.oda@intel.com) | GPL-3.0-or-later
+aiohttp | 3.10.10 | LIBRARY | NOASSERTION | Apache-2.0
+aiohappyeyeballs | 2.4.3 | LIBRARY | J. Nick Koston (nick@koston.org) | PSF-2.0
+aiosignal | 1.3.1 | LIBRARY | NOASSERTION | Apache-2.0
+frozenlist | 1.5.0 | LIBRARY | NOASSERTION | Apache-2.0
+attrs | 24.2.0 | LIBRARY | Hynek Schlawack (hs@ox.cx) | NOASSERTION
+multidict | 6.1.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+yarl | 1.17.1 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+idna | 3.10 | LIBRARY | Kim Davies (kim+pypi@gumleaf.org) | NOASSERTION
+propcache | 0.2.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+beautifulsoup4 | 4.12.3 | LIBRARY | Leonard Richardson (leonardr@segfault.org) | MIT
+soupsieve | 2.6 | LIBRARY | Isaac Muse (Isaac.Muse@gmail.com) | NOASSERTION
+cvss | 3.3 | LIBRARY | Stanislav Red Hat Product Security (skontar@redhat.com) | LGPL-3.0-or-later
+defusedxml | 0.7.1 | LIBRARY | Christian Heimes (christian@python.org) | PSF-2.0
+distro | 1.9.0 | LIBRARY | Nir Cohen (nir36g@gmail.com) | Apache-2.0
+filetype | 1.2.0 | LIBRARY | Tomas Aparicio (tomas@aparicio.me) | MIT
+gsutil | 5.31 | LIBRARY | Google Inc. (buganizer-system+187143@google.com) | Apache-2.0
+argcomplete | 3.5.1 | LIBRARY | Andrey Kislyuk (kislyuk@gmail.com) | Apache-2.0
+crcmod | 1.7 | LIBRARY | Ray Buvel (rlbuvel@gmail.com) | MIT
+fasteners | 0.19 | LIBRARY | Joshua Harlow | Apache-2.0
+gcs-oauth2-boto-plugin | 3.2 | LIBRARY | Google Inc. (gs-team@google.com) | Apache-2.0
+boto | 2.49.0 | LIBRARY | Mitch Garnaat (mitch@garnaat.com) | MIT
+google-auth | 2.17.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+cachetools | 5.5.0 | LIBRARY | Thomas Kemmer (tkemmer@computer.org) | MIT
+pyasn1-modules | 0.4.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-3-Clause
+pyasn1 | 0.6.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-2-Clause
+rsa | 4.7.2 | LIBRARY | Sybren A. Stuvel (sybren@stuvel.eu) | Apache-2.0
+six | 1.16.0 | LIBRARY | Benjamin Peterson (benjamin@python.org) | MIT
+google-auth-httplib2 | 0.2.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+httplib2 | 0.20.4 | LIBRARY | Joe Gregorio (joe@bitworking.org) | MIT
+pyparsing | 3.2.0 | LIBRARY | Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | NOASSERTION
+google-reauth | 0.1.1 | LIBRARY | Google (googleapis-publisher@google.com) | Apache-2.0
+pyu2f | 0.1.5 | LIBRARY | Google Inc. (pyu2f-team@google.com) | Apache-2.0
+oauth2client | 4.1.3 | LIBRARY | Google Inc. (jonwayne+oauth2client@google.com) | Apache-2.0
+pyopenssl | 24.2.1 | LIBRARY | The pyOpenSSL developers (cryptography-dev@python.org) | Apache-2.0
+cryptography | 43.0.3 | LIBRARY | The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | Apache-2.0 OR BSD-3-Clause
+cffi | 1.17.1 | LIBRARY | Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | MIT
+pycparser | 2.22 | LIBRARY | Eli Bendersky (eliben@gmail.com) | BSD-3-Clause
+retry-decorator | 1.1.1 | LIBRARY | Patrick Ng (pn.appdev@gmail.com) | MIT
+google-apitools | 0.5.32 | LIBRARY | Craig Citro (craigcitro@google.com) | Apache-2.0
+monotonic | 1.6 | LIBRARY | Ori Livneh (ori@wikimedia.org) | Apache-2.0
+jinja2 | 3.1.4 | LIBRARY | NOASSERTION | NOASSERTION
+markupsafe | 3.0.2 | LIBRARY | NOASSERTION | NOASSERTION
+jsonschema | 4.23.0 | LIBRARY | Julian Berman (Julian+jsonschema@GrayVines.com) | MIT
+jsonschema-specifications | 2024.10.1 | LIBRARY | Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | NOASSERTION
+referencing | 0.35.1 | LIBRARY | Julian Berman (Julian+referencing@GrayVines.com) | NOASSERTION
+rpds-py | 0.21.0 | LIBRARY | Julian Berman (Julian+rpds@GrayVines.com) | NOASSERTION
+lib4sbom | 0.7.5 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+pyyaml | 6.0.2 | LIBRARY | Kirill Simonov (xi@resolvent.net) | MIT
+semantic-version | 2.10.0 | LIBRARY | Raphael Barrois (raphael.barrois+semver@polytechnique.org) | BSD-3-Clause
+lib4vex | 0.2.0 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+csaf-tool | 0.3.2 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | MIT
+packageurl-python | 0.16.0 | LIBRARY | the purl authors | MIT
+rich | 13.9.4 | LIBRARY | Will McGugan (willmcgugan@gmail.com) | MIT
+markdown-it-py | 3.0.0 | LIBRARY | Chris Sewell (chrisj_sewell@hotmail.com) | NOASSERTION
+mdurl | 0.1.2 | LIBRARY | Taneli Hukkinen (hukkin@users.noreply.github.com) | NOASSERTION
+pygments | 2.18.0 | LIBRARY | Georg Brandl (georg@python.org) | BSD-2-Clause
+packaging | 24.2 | LIBRARY | Donald Stufft (donald@stufft.io) | NOASSERTION
+plotly | 5.24.1 | LIBRARY | Chris P (chris@plot.ly) | MIT
+tenacity | 9.0.0 | LIBRARY | Julien Danjou (julien@danjou.info) | Apache-2.0
+python-gnupg | 0.5.3 | LIBRARY | Vinay Sajip (vinay_sajip@yahoo.co.uk) | BSD-3-Clause
+requests | 2.32.3 | LIBRARY | Kenneth Reitz (me@kennethreitz.org) | Apache-2.0
+certifi | 2024.8.30 | LIBRARY | Kenneth Reitz (me@kennethreitz.com) | MPL-2.0
+charset-normalizer | 3.4.0 | LIBRARY | Ahmed TAHRI (tahri.ahmed@proton.me) | MIT
+urllib3 | 2.2.3 | LIBRARY | Andrey Petrov (andrey.petrov@shazow.net) | NOASSERTION
+rpmfile | 2.1.0 | LIBRARY | Sean Ross (srossross@gmail.com) | MIT
+setuptools | 75.3.0 | LIBRARY | Python Packaging Authority (distutils-sig@python.org) | NOASSERTION
+xmlschema | 3.4.3 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+elementpath | 4.6.0 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+zipp | 3.21.0 | LIBRARY | Jason R. (jaraco@jaraco.com) | NOASSERTION
+zstandard | 0.23.0 | LIBRARY | Gregory Szorc (gregory.szorc@gmail.com) | BSD-3-Clause
+
+Name | Version | Ecosystem | Download | Copyright
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | pypi | https://pypi.org/project/cve-bin-tool/3.4/#files | NOASSERTION
+aiohttp | 3.10.10 | pypi | https://pypi.org/project/aiohttp/3.10.10/#files | NOASSERTION
+aiohappyeyeballs | 2.4.3 | pypi | https://pypi.org/project/aiohappyeyeballs/2.4.3/#files | NOASSERTION
+aiosignal | 1.3.1 | pypi | https://pypi.org/project/aiosignal/1.3.1/#files | NOASSERTION
+frozenlist | 1.5.0 | pypi | https://pypi.org/project/frozenlist/1.5.0/#files | NOASSERTION
+attrs | 24.2.0 | pypi | https://pypi.org/project/attrs/24.2.0/#files | NOASSERTION
+multidict | 6.1.0 | pypi | https://pypi.org/project/multidict/6.1.0/#files | NOASSERTION
+yarl | 1.17.1 | pypi | https://pypi.org/project/yarl/1.17.1/#files | NOASSERTION
+idna | 3.10 | pypi | https://pypi.org/project/idna/3.10/#files | NOASSERTION
+propcache | 0.2.0 | pypi | https://pypi.org/project/propcache/0.2.0/#files | NOASSERTION
+beautifulsoup4 | 4.12.3 | pypi | https://pypi.org/project/beautifulsoup4/4.12.3/#files | NOASSERTION
+soupsieve | 2.6 | pypi | https://pypi.org/project/soupsieve/2.6/#files | NOASSERTION
+cvss | 3.3 | pypi | https://pypi.org/project/cvss/3.3/#files | NOASSERTION
+defusedxml | 0.7.1 | pypi | https://pypi.org/project/defusedxml/0.7.1/#files | NOASSERTION
+distro | 1.9.0 | pypi | https://pypi.org/project/distro/1.9.0/#files | NOASSERTION
+filetype | 1.2.0 | pypi | https://pypi.org/project/filetype/1.2.0/#files | NOASSERTION
+gsutil | 5.31 | pypi | https://pypi.org/project/gsutil/5.31/#files | NOASSERTION
+argcomplete | 3.5.1 | pypi | https://pypi.org/project/argcomplete/3.5.1/#files | NOASSERTION
+crcmod | 1.7 | pypi | https://pypi.org/project/crcmod/1.7/#files | NOASSERTION
+fasteners | 0.19 | pypi | https://pypi.org/project/fasteners/0.19/#files | NOASSERTION
+gcs-oauth2-boto-plugin | 3.2 | pypi | https://pypi.org/project/gcs-oauth2-boto-plugin/3.2/#files | NOASSERTION
+boto | 2.49.0 | pypi | https://pypi.org/project/boto/2.49.0/#files | NOASSERTION
+google-auth | 2.17.0 | pypi | https://pypi.org/project/google-auth/2.17.0/#files | NOASSERTION
+cachetools | 5.5.0 | pypi | https://pypi.org/project/cachetools/5.5.0/#files | NOASSERTION
+pyasn1-modules | 0.4.1 | pypi | https://pypi.org/project/pyasn1-modules/0.4.1/#files | NOASSERTION
+pyasn1 | 0.6.1 | pypi | https://pypi.org/project/pyasn1/0.6.1/#files | NOASSERTION
+rsa | 4.7.2 | pypi | https://pypi.org/project/rsa/4.7.2/#files | NOASSERTION
+six | 1.16.0 | pypi | https://pypi.org/project/six/1.16.0/#files | NOASSERTION
+google-auth-httplib2 | 0.2.0 | pypi | https://pypi.org/project/google-auth-httplib2/0.2.0/#files | NOASSERTION
+httplib2 | 0.20.4 | pypi | https://pypi.org/project/httplib2/0.20.4/#files | NOASSERTION
+pyparsing | 3.2.0 | pypi | https://pypi.org/project/pyparsing/3.2.0/#files | NOASSERTION
+google-reauth | 0.1.1 | pypi | https://pypi.org/project/google-reauth/0.1.1/#files | NOASSERTION
+pyu2f | 0.1.5 | pypi | https://pypi.org/project/pyu2f/0.1.5/#files | NOASSERTION
+oauth2client | 4.1.3 | pypi | https://pypi.org/project/oauth2client/4.1.3/#files | NOASSERTION
+pyopenssl | 24.2.1 | pypi | https://pypi.org/project/pyopenssl/24.2.1/#files | NOASSERTION
+cryptography | 43.0.3 | pypi | https://pypi.org/project/cryptography/43.0.3/#files | NOASSERTION
+cffi | 1.17.1 | pypi | https://pypi.org/project/cffi/1.17.1/#files | NOASSERTION
+pycparser | 2.22 | pypi | https://pypi.org/project/pycparser/2.22/#files | NOASSERTION
+retry-decorator | 1.1.1 | pypi | https://pypi.org/project/retry-decorator/1.1.1/#files | NOASSERTION
+google-apitools | 0.5.32 | pypi | https://pypi.org/project/google-apitools/0.5.32/#files | NOASSERTION
+monotonic | 1.6 | pypi | https://pypi.org/project/monotonic/1.6/#files | NOASSERTION
+jinja2 | 3.1.4 | pypi | https://pypi.org/project/jinja2/3.1.4/#files | NOASSERTION
+markupsafe | 3.0.2 | pypi | https://pypi.org/project/markupsafe/3.0.2/#files | NOASSERTION
+jsonschema | 4.23.0 | pypi | https://pypi.org/project/jsonschema/4.23.0/#files | NOASSERTION
+jsonschema-specifications | 2024.10.1 | pypi | https://pypi.org/project/jsonschema-specifications/2024.10.1/#files | NOASSERTION
+referencing | 0.35.1 | pypi | https://pypi.org/project/referencing/0.35.1/#files | NOASSERTION
+rpds-py | 0.21.0 | pypi | https://pypi.org/project/rpds-py/0.21.0/#files | NOASSERTION
+lib4sbom | 0.7.5 | pypi | https://pypi.org/project/lib4sbom/0.7.5/#files | NOASSERTION
+pyyaml | 6.0.2 | pypi | https://pypi.org/project/pyyaml/6.0.2/#files | NOASSERTION
+semantic-version | 2.10.0 | pypi | https://pypi.org/project/semantic-version/2.10.0/#files | NOASSERTION
+lib4vex | 0.2.0 | pypi | https://pypi.org/project/lib4vex/0.2.0/#files | NOASSERTION
+csaf-tool | 0.3.2 | pypi | https://pypi.org/project/csaf-tool/0.3.2/#files | NOASSERTION
+packageurl-python | 0.16.0 | pypi | https://pypi.org/project/packageurl-python/0.16.0/#files | NOASSERTION
+rich | 13.9.4 | pypi | https://pypi.org/project/rich/13.9.4/#files | NOASSERTION
+markdown-it-py | 3.0.0 | pypi | https://pypi.org/project/markdown-it-py/3.0.0/#files | NOASSERTION
+mdurl | 0.1.2 | pypi | https://pypi.org/project/mdurl/0.1.2/#files | NOASSERTION
+pygments | 2.18.0 | pypi | https://pypi.org/project/pygments/2.18.0/#files | NOASSERTION
+packaging | 24.2 | pypi | https://pypi.org/project/packaging/24.2/#files | NOASSERTION
+plotly | 5.24.1 | pypi | https://pypi.org/project/plotly/5.24.1/#files | NOASSERTION
+tenacity | 9.0.0 | pypi | https://pypi.org/project/tenacity/9.0.0/#files | NOASSERTION
+python-gnupg | 0.5.3 | pypi | https://pypi.org/project/python-gnupg/0.5.3/#files | NOASSERTION
+requests | 2.32.3 | pypi | https://pypi.org/project/requests/2.32.3/#files | NOASSERTION
+certifi | 2024.8.30 | pypi | https://pypi.org/project/certifi/2024.8.30/#files | NOASSERTION
+charset-normalizer | 3.4.0 | pypi | https://pypi.org/project/charset-normalizer/3.4.0/#files | NOASSERTION
+urllib3 | 2.2.3 | pypi | https://pypi.org/project/urllib3/2.2.3/#files | NOASSERTION
+rpmfile | 2.1.0 | pypi | https://pypi.org/project/rpmfile/2.1.0/#files | NOASSERTION
+setuptools | 75.3.0 | pypi | https://pypi.org/project/setuptools/75.3.0/#files | NOASSERTION
+xmlschema | 3.4.3 | pypi | https://pypi.org/project/xmlschema/3.4.3/#files | NOASSERTION
+elementpath | 4.6.0 | pypi | https://pypi.org/project/elementpath/4.6.0/#files | NOASSERTION
+zipp | 3.21.0 | pypi | https://pypi.org/project/zipp/3.21.0/#files | NOASSERTION
+zstandard | 0.23.0 | pypi | https://pypi.org/project/zstandard/0.23.0/#files | NOASSERTION
+
+Name | PURL | CPE
+| -------- | -------- | -------- 
+cve-bin-tool | pkg:pypi/cve-bin-tool@3.4 | cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*:*
+aiohttp | pkg:pypi/aiohttp@3.10.10 | 
+aiohappyeyeballs | pkg:pypi/aiohappyeyeballs@2.4.3 | cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.3:*:*:*:*:*:*:*
+aiosignal | pkg:pypi/aiosignal@1.3.1 | 
+frozenlist | pkg:pypi/frozenlist@1.5.0 | 
+attrs | pkg:pypi/attrs@24.2.0 | cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:*:*:*
+multidict | pkg:pypi/multidict@6.1.0 | cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*
+yarl | pkg:pypi/yarl@1.17.1 | cpe:2.3:a:andrew_svetlov:yarl:1.17.1:*:*:*:*:*:*:*
+idna | pkg:pypi/idna@3.10 | cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
+propcache | pkg:pypi/propcache@0.2.0 | cpe:2.3:a:andrew_svetlov:propcache:0.2.0:*:*:*:*:*:*:*
+beautifulsoup4 | pkg:pypi/beautifulsoup4@4.12.3 | cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*
+soupsieve | pkg:pypi/soupsieve@2.6 | cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
+cvss | pkg:pypi/cvss@3.3 | cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.3:*:*:*:*:*:*:*
+defusedxml | pkg:pypi/defusedxml@0.7.1 | cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:*:*:*:*:*
+distro | pkg:pypi/distro@1.9.0 | cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
+filetype | pkg:pypi/filetype@1.2.0 | cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:*:*:*
+gsutil | pkg:pypi/gsutil@5.31 | cpe:2.3:a:google_inc.:gsutil:5.31:*:*:*:*:*:*:*
+argcomplete | pkg:pypi/argcomplete@3.5.1 | cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.1:*:*:*:*:*:*:*
+crcmod | pkg:pypi/crcmod@1.7 | cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
+fasteners | pkg:pypi/fasteners@0.19 | cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*:*:*
+gcs-oauth2-boto-plugin | pkg:pypi/gcs-oauth2-boto-plugin@3.2 | cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2:*:*:*:*:*:*:*
+boto | pkg:pypi/boto@2.49.0 | cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:*
+google-auth | pkg:pypi/google-auth@2.17.0 | cpe:2.3:a:google_cloud_platform:google-auth:2.17.0:*:*:*:*:*:*:*
+cachetools | pkg:pypi/cachetools@5.5.0 | cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*
+pyasn1-modules | pkg:pypi/pyasn1-modules@0.4.1 | cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*
+pyasn1 | pkg:pypi/pyasn1@0.6.1 | cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*
+rsa | pkg:pypi/rsa@4.7.2 | cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*:*
+six | pkg:pypi/six@1.16.0 | cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*:*:*
+google-auth-httplib2 | pkg:pypi/google-auth-httplib2@0.2.0 | cpe:2.3:a:google_cloud_platform:google-auth-httplib2:0.2.0:*:*:*:*:*:*:*
+httplib2 | pkg:pypi/httplib2@0.20.4 | cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*:*:*
+pyparsing | pkg:pypi/pyparsing@3.2.0 | cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*
+google-reauth | pkg:pypi/google-reauth@0.1.1 | cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*:*
+pyu2f | pkg:pypi/pyu2f@0.1.5 | cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
+oauth2client | pkg:pypi/oauth2client@4.1.3 | cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*:*:*:*
+pyopenssl | pkg:pypi/pyopenssl@24.2.1 | cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.2.1:*:*:*:*:*:*:*
+cryptography | pkg:pypi/cryptography@43.0.3 | cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*
+cffi | pkg:pypi/cffi@1.17.1 | cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:*:*:*:*:*:*:*
+pycparser | pkg:pypi/pycparser@2.22 | cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:*:*:*
+retry-decorator | pkg:pypi/retry-decorator@1.1.1 | cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*:*:*:*:*
+google-apitools | pkg:pypi/google-apitools@0.5.32 | cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*:*:*:*:*:*
+monotonic | pkg:pypi/monotonic@1.6 | cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
+jinja2 | pkg:pypi/jinja2@3.1.4 | 
+markupsafe | pkg:pypi/markupsafe@3.0.2 | 
+jsonschema | pkg:pypi/jsonschema@4.23.0 | cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:*:*:*:*
+jsonschema-specifications | pkg:pypi/jsonschema-specifications@2024.10.1 | cpe:2.3:a:julian_berman:jsonschema-specifications:2024.10.1:*:*:*:*:*:*:*
+referencing | pkg:pypi/referencing@0.35.1 | cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*:*:*:*:*
+rpds-py | pkg:pypi/rpds-py@0.21.0 | cpe:2.3:a:julian_berman:rpds-py:0.21.0:*:*:*:*:*:*:*
+lib4sbom | pkg:pypi/lib4sbom@0.7.5 | cpe:2.3:a:anthony_harrison:lib4sbom:0.7.5:*:*:*:*:*:*:*
+pyyaml | pkg:pypi/pyyaml@6.0.2 | cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*:*:*
+semantic-version | pkg:pypi/semantic-version@2.10.0 | cpe:2.3:a:raphael_barrois:semantic-version:2.10.0:*:*:*:*:*:*:*
+lib4vex | pkg:pypi/lib4vex@0.2.0 | cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*
+csaf-tool | pkg:pypi/csaf-tool@0.3.2 | cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:*:*:*:*:*
+packageurl-python | pkg:pypi/packageurl-python@0.16.0 | cpe:2.3:a:the_purl_authors:packageurl-python:0.16.0:*:*:*:*:*:*:*
+rich | pkg:pypi/rich@13.9.4 | cpe:2.3:a:will_mcgugan:rich:13.9.4:*:*:*:*:*:*:*
+markdown-it-py | pkg:pypi/markdown-it-py@3.0.0 | cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:*:*:*:*:*
+mdurl | pkg:pypi/mdurl@0.1.2 | cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:*:*
+pygments | pkg:pypi/pygments@2.18.0 | cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*:*:*
+packaging | pkg:pypi/packaging@24.2 | cpe:2.3:a:donald_stufft:packaging:24.2:*:*:*:*:*:*:*
+plotly | pkg:pypi/plotly@5.24.1 | cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
+tenacity | pkg:pypi/tenacity@9.0.0 | cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*
+python-gnupg | pkg:pypi/python-gnupg@0.5.3 | cpe:2.3:a:vinay_sajip:python-gnupg:0.5.3:*:*:*:*:*:*:*
+requests | pkg:pypi/requests@2.32.3 | cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*:*:*:*
+certifi | pkg:pypi/certifi@2024.8.30 | cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*:*:*:*:*
+charset-normalizer | pkg:pypi/charset-normalizer@3.4.0 | cpe:2.3:a:ahmed_tahri:charset-normalizer:3.4.0:*:*:*:*:*:*:*
+urllib3 | pkg:pypi/urllib3@2.2.3 | cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*
+rpmfile | pkg:pypi/rpmfile@2.1.0 | cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
+setuptools | pkg:pypi/setuptools@75.3.0 | cpe:2.3:a:python_packaging_authority:setuptools:75.3.0:*:*:*:*:*:*:*
+xmlschema | pkg:pypi/xmlschema@3.4.3 | cpe:2.3:a:davide_brunato:xmlschema:3.4.3:*:*:*:*:*:*:*
+elementpath | pkg:pypi/elementpath@4.6.0 | cpe:2.3:a:davide_brunato:elementpath:4.6.0:*:*:*:*:*:*:*
+zipp | pkg:pypi/zipp@3.21.0 | cpe:2.3:a:jason_r.:zipp:3.21.0:*:*:*:*:*:*:*
+zstandard | pkg:pypi/zstandard@0.23.0 | cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*:*:*:*
+
+# Component Type Summary
+
+Type | Count
+| -------- | -------- 
+APPLICATION | 1
+LIBRARY | 70
+
+# License Summary
+
+License | Count
+| -------- | -------- 
+Apache-2.0 | 24
+Apache-2.0 OR BSD-3-Clause | 1
+BSD-2-Clause | 2
+BSD-3-Clause | 5
+GPL-3.0-or-later | 1
+LGPL-3.0-or-later | 1
+MIT | 19
+MPL-2.0 | 1
+NOASSERTION | 15
+PSF-2.0 | 2
+
+# Supplier Summary
+
+Supplier | Count
+| -------- | -------- 
+Ahmed TAHRI (tahri.ahmed@proton.me) | 1
+Andrew Svetlov (andrew.svetlov@gmail.com) | 3
+Andrey Kislyuk (kislyuk@gmail.com) | 1
+Andrey Petrov (andrey.petrov@shazow.net) | 1
+Anthony Harrison (anthony.p.harrison@gmail.com) | 3
+Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | 1
+Benjamin Peterson (benjamin@python.org) | 1
+Chris P (chris@plot.ly) | 1
+Chris Sewell (chrisj_sewell@hotmail.com) | 1
+Christian Heimes (christian@python.org) | 1
+Craig Citro (craigcitro@google.com) | 1
+Davide Brunato (brunato@sissa.it) | 2
+Donald Stufft (donald@stufft.io) | 1
+Eli Bendersky (eliben@gmail.com) | 1
+Georg Brandl (georg@python.org) | 1
+Google (googleapis-publisher@google.com) | 1
+Google Cloud Platform (googleapis-packages@google.com) | 2
+Google Inc. (buganizer-system+187143@google.com) | 1
+Google Inc. (gs-team@google.com) | 1
+Google Inc. (jonwayne+oauth2client@google.com) | 1
+Google Inc. (pyu2f-team@google.com) | 1
+Gregory Szorc (gregory.szorc@gmail.com) | 1
+Hynek Schlawack (hs@ox.cx) | 1
+Ilya Etingof (etingof@gmail.com) | 2
+Isaac Muse (Isaac.Muse@gmail.com) | 1
+J. Nick Koston (nick@koston.org) | 1
+Jason R. (jaraco@jaraco.com) | 1
+Joe Gregorio (joe@bitworking.org) | 1
+Joshua Harlow | 1
+Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | 1
+Julian Berman (Julian+jsonschema@GrayVines.com) | 1
+Julian Berman (Julian+referencing@GrayVines.com) | 1
+Julian Berman (Julian+rpds@GrayVines.com) | 1
+Julien Danjou (julien@danjou.info) | 1
+Kenneth Reitz (me@kennethreitz.com) | 1
+Kenneth Reitz (me@kennethreitz.org) | 1
+Kim Davies (kim+pypi@gumleaf.org) | 1
+Kirill Simonov (xi@resolvent.net) | 1
+Leonard Richardson (leonardr@segfault.org) | 1
+Mitch Garnaat (mitch@garnaat.com) | 1
+NOASSERTION | 5
+Nir Cohen (nir36g@gmail.com) | 1
+Ori Livneh (ori@wikimedia.org) | 1
+Patrick Ng (pn.appdev@gmail.com) | 1
+Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | 1
+Python Packaging Authority (distutils-sig@python.org) | 1
+Raphael Barrois (raphael.barrois+semver@polytechnique.org) | 1
+Ray Buvel (rlbuvel@gmail.com) | 1
+Sean Ross (srossross@gmail.com) | 1
+Stanislav Red Hat Product Security (skontar@redhat.com) | 1
+Sybren A. Stuvel (sybren@stuvel.eu) | 1
+Taneli Hukkinen (hukkin@users.noreply.github.com) | 1
+Terri Oda (terri.oda@intel.com) | 1
+The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | 1
+The pyOpenSSL developers (cryptography-dev@python.org) | 1
+Thomas Kemmer (tkemmer@computer.org) | 1
+Tomas Aparicio (tomas@aparicio.me) | 1
+Vinay Sajip (vinay_sajip@yahoo.co.uk) | 1
+Will McGugan (willmcgugan@gmail.com) | 1
+the purl authors | 1
+
+# NTIA Summary
+
+Element | Status
+| -------- | -------- 
+All file information provided? | True
+All package information provided? | False
+Creator identified? | True
+Creation time identified? | True
+Dependency relationships provided? | True
+NTIA conformant False
diff --git a/sbom/sboms_for_humans/cve-bin-tool-py3.12.md b/sbom/sboms_for_humans/cve-bin-tool-py3.12.md
new file mode 100644
index 0000000000..6ae8d67f53
--- /dev/null
+++ b/sbom/sboms_for_humans/cve-bin-tool-py3.12.md
@@ -0,0 +1,338 @@
+
+# SBOM Summary
+
+Item | Details
+| -------- | -------- 
+SBOM File | cve-bin-tool-py3.12.spdx
+SBOM Type | spdx
+Version | SPDX-2.3
+Name | Python-cve-bin-tool
+Creator | Tool:sbom4python-0.11.3
+Created | 2024-11-11T00:37:00Z
+Files | 0
+Packages | 71
+Relationships | 108
+Services | 0
+Vulnerabilities | 0
+
+# Package Summary
+
+Name | Version | Type | Supplier | License
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | APPLICATION | Terri Oda (terri.oda@intel.com) | GPL-3.0-or-later
+aiohttp | 3.10.10 | LIBRARY | NOASSERTION | Apache-2.0
+aiohappyeyeballs | 2.4.3 | LIBRARY | J. Nick Koston (nick@koston.org) | PSF-2.0
+aiosignal | 1.3.1 | LIBRARY | NOASSERTION | Apache-2.0
+frozenlist | 1.5.0 | LIBRARY | NOASSERTION | Apache-2.0
+attrs | 24.2.0 | LIBRARY | Hynek Schlawack (hs@ox.cx) | NOASSERTION
+multidict | 6.1.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+yarl | 1.17.1 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+idna | 3.10 | LIBRARY | Kim Davies (kim+pypi@gumleaf.org) | NOASSERTION
+propcache | 0.2.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+beautifulsoup4 | 4.12.3 | LIBRARY | Leonard Richardson (leonardr@segfault.org) | MIT
+soupsieve | 2.6 | LIBRARY | Isaac Muse (Isaac.Muse@gmail.com) | NOASSERTION
+cvss | 3.3 | LIBRARY | Stanislav Red Hat Product Security (skontar@redhat.com) | LGPL-3.0-or-later
+defusedxml | 0.7.1 | LIBRARY | Christian Heimes (christian@python.org) | PSF-2.0
+distro | 1.9.0 | LIBRARY | Nir Cohen (nir36g@gmail.com) | Apache-2.0
+filetype | 1.2.0 | LIBRARY | Tomas Aparicio (tomas@aparicio.me) | MIT
+gsutil | 5.31 | LIBRARY | Google Inc. (buganizer-system+187143@google.com) | Apache-2.0
+argcomplete | 3.5.1 | LIBRARY | Andrey Kislyuk (kislyuk@gmail.com) | Apache-2.0
+crcmod | 1.7 | LIBRARY | Ray Buvel (rlbuvel@gmail.com) | MIT
+fasteners | 0.19 | LIBRARY | Joshua Harlow | Apache-2.0
+gcs-oauth2-boto-plugin | 3.2 | LIBRARY | Google Inc. (gs-team@google.com) | Apache-2.0
+boto | 2.49.0 | LIBRARY | Mitch Garnaat (mitch@garnaat.com) | MIT
+google-auth | 2.17.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+cachetools | 5.5.0 | LIBRARY | Thomas Kemmer (tkemmer@computer.org) | MIT
+pyasn1-modules | 0.4.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-3-Clause
+pyasn1 | 0.6.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-2-Clause
+rsa | 4.7.2 | LIBRARY | Sybren A. Stuvel (sybren@stuvel.eu) | Apache-2.0
+six | 1.16.0 | LIBRARY | Benjamin Peterson (benjamin@python.org) | MIT
+google-auth-httplib2 | 0.2.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+httplib2 | 0.20.4 | LIBRARY | Joe Gregorio (joe@bitworking.org) | MIT
+pyparsing | 3.2.0 | LIBRARY | Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | NOASSERTION
+google-reauth | 0.1.1 | LIBRARY | Google (googleapis-publisher@google.com) | Apache-2.0
+pyu2f | 0.1.5 | LIBRARY | Google Inc. (pyu2f-team@google.com) | Apache-2.0
+oauth2client | 4.1.3 | LIBRARY | Google Inc. (jonwayne+oauth2client@google.com) | Apache-2.0
+pyopenssl | 24.2.1 | LIBRARY | The pyOpenSSL developers (cryptography-dev@python.org) | Apache-2.0
+cryptography | 43.0.3 | LIBRARY | The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | Apache-2.0 OR BSD-3-Clause
+cffi | 1.17.1 | LIBRARY | Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | MIT
+pycparser | 2.22 | LIBRARY | Eli Bendersky (eliben@gmail.com) | BSD-3-Clause
+retry-decorator | 1.1.1 | LIBRARY | Patrick Ng (pn.appdev@gmail.com) | MIT
+google-apitools | 0.5.32 | LIBRARY | Craig Citro (craigcitro@google.com) | Apache-2.0
+monotonic | 1.6 | LIBRARY | Ori Livneh (ori@wikimedia.org) | Apache-2.0
+jinja2 | 3.1.4 | LIBRARY | NOASSERTION | NOASSERTION
+markupsafe | 3.0.2 | LIBRARY | NOASSERTION | NOASSERTION
+jsonschema | 4.23.0 | LIBRARY | Julian Berman (Julian+jsonschema@GrayVines.com) | MIT
+jsonschema-specifications | 2024.10.1 | LIBRARY | Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | NOASSERTION
+referencing | 0.35.1 | LIBRARY | Julian Berman (Julian+referencing@GrayVines.com) | NOASSERTION
+rpds-py | 0.21.0 | LIBRARY | Julian Berman (Julian+rpds@GrayVines.com) | NOASSERTION
+lib4sbom | 0.7.5 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+pyyaml | 6.0.2 | LIBRARY | Kirill Simonov (xi@resolvent.net) | MIT
+semantic-version | 2.10.0 | LIBRARY | Raphael Barrois (raphael.barrois+semver@polytechnique.org) | BSD-3-Clause
+lib4vex | 0.2.0 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+csaf-tool | 0.3.2 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | MIT
+packageurl-python | 0.16.0 | LIBRARY | the purl authors | MIT
+rich | 13.9.4 | LIBRARY | Will McGugan (willmcgugan@gmail.com) | MIT
+markdown-it-py | 3.0.0 | LIBRARY | Chris Sewell (chrisj_sewell@hotmail.com) | NOASSERTION
+mdurl | 0.1.2 | LIBRARY | Taneli Hukkinen (hukkin@users.noreply.github.com) | NOASSERTION
+pygments | 2.18.0 | LIBRARY | Georg Brandl (georg@python.org) | BSD-2-Clause
+packaging | 24.2 | LIBRARY | Donald Stufft (donald@stufft.io) | NOASSERTION
+plotly | 5.24.1 | LIBRARY | Chris P (chris@plot.ly) | MIT
+tenacity | 9.0.0 | LIBRARY | Julien Danjou (julien@danjou.info) | Apache-2.0
+python-gnupg | 0.5.3 | LIBRARY | Vinay Sajip (vinay_sajip@yahoo.co.uk) | BSD-3-Clause
+requests | 2.32.3 | LIBRARY | Kenneth Reitz (me@kennethreitz.org) | Apache-2.0
+certifi | 2024.8.30 | LIBRARY | Kenneth Reitz (me@kennethreitz.com) | MPL-2.0
+charset-normalizer | 3.4.0 | LIBRARY | Ahmed TAHRI (tahri.ahmed@proton.me) | MIT
+urllib3 | 2.2.3 | LIBRARY | Andrey Petrov (andrey.petrov@shazow.net) | NOASSERTION
+rpmfile | 2.1.0 | LIBRARY | Sean Ross (srossross@gmail.com) | MIT
+setuptools | 75.3.0 | LIBRARY | Python Packaging Authority (distutils-sig@python.org) | NOASSERTION
+xmlschema | 3.4.3 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+elementpath | 4.6.0 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+zipp | 3.21.0 | LIBRARY | Jason R. (jaraco@jaraco.com) | NOASSERTION
+zstandard | 0.23.0 | LIBRARY | Gregory Szorc (gregory.szorc@gmail.com) | BSD-3-Clause
+
+Name | Version | Ecosystem | Download | Copyright
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | pypi | https://pypi.org/project/cve-bin-tool/3.4/#files | NOASSERTION
+aiohttp | 3.10.10 | pypi | https://pypi.org/project/aiohttp/3.10.10/#files | NOASSERTION
+aiohappyeyeballs | 2.4.3 | pypi | https://pypi.org/project/aiohappyeyeballs/2.4.3/#files | NOASSERTION
+aiosignal | 1.3.1 | pypi | https://pypi.org/project/aiosignal/1.3.1/#files | NOASSERTION
+frozenlist | 1.5.0 | pypi | https://pypi.org/project/frozenlist/1.5.0/#files | NOASSERTION
+attrs | 24.2.0 | pypi | https://pypi.org/project/attrs/24.2.0/#files | NOASSERTION
+multidict | 6.1.0 | pypi | https://pypi.org/project/multidict/6.1.0/#files | NOASSERTION
+yarl | 1.17.1 | pypi | https://pypi.org/project/yarl/1.17.1/#files | NOASSERTION
+idna | 3.10 | pypi | https://pypi.org/project/idna/3.10/#files | NOASSERTION
+propcache | 0.2.0 | pypi | https://pypi.org/project/propcache/0.2.0/#files | NOASSERTION
+beautifulsoup4 | 4.12.3 | pypi | https://pypi.org/project/beautifulsoup4/4.12.3/#files | NOASSERTION
+soupsieve | 2.6 | pypi | https://pypi.org/project/soupsieve/2.6/#files | NOASSERTION
+cvss | 3.3 | pypi | https://pypi.org/project/cvss/3.3/#files | NOASSERTION
+defusedxml | 0.7.1 | pypi | https://pypi.org/project/defusedxml/0.7.1/#files | NOASSERTION
+distro | 1.9.0 | pypi | https://pypi.org/project/distro/1.9.0/#files | NOASSERTION
+filetype | 1.2.0 | pypi | https://pypi.org/project/filetype/1.2.0/#files | NOASSERTION
+gsutil | 5.31 | pypi | https://pypi.org/project/gsutil/5.31/#files | NOASSERTION
+argcomplete | 3.5.1 | pypi | https://pypi.org/project/argcomplete/3.5.1/#files | NOASSERTION
+crcmod | 1.7 | pypi | https://pypi.org/project/crcmod/1.7/#files | NOASSERTION
+fasteners | 0.19 | pypi | https://pypi.org/project/fasteners/0.19/#files | NOASSERTION
+gcs-oauth2-boto-plugin | 3.2 | pypi | https://pypi.org/project/gcs-oauth2-boto-plugin/3.2/#files | NOASSERTION
+boto | 2.49.0 | pypi | https://pypi.org/project/boto/2.49.0/#files | NOASSERTION
+google-auth | 2.17.0 | pypi | https://pypi.org/project/google-auth/2.17.0/#files | NOASSERTION
+cachetools | 5.5.0 | pypi | https://pypi.org/project/cachetools/5.5.0/#files | NOASSERTION
+pyasn1-modules | 0.4.1 | pypi | https://pypi.org/project/pyasn1-modules/0.4.1/#files | NOASSERTION
+pyasn1 | 0.6.1 | pypi | https://pypi.org/project/pyasn1/0.6.1/#files | NOASSERTION
+rsa | 4.7.2 | pypi | https://pypi.org/project/rsa/4.7.2/#files | NOASSERTION
+six | 1.16.0 | pypi | https://pypi.org/project/six/1.16.0/#files | NOASSERTION
+google-auth-httplib2 | 0.2.0 | pypi | https://pypi.org/project/google-auth-httplib2/0.2.0/#files | NOASSERTION
+httplib2 | 0.20.4 | pypi | https://pypi.org/project/httplib2/0.20.4/#files | NOASSERTION
+pyparsing | 3.2.0 | pypi | https://pypi.org/project/pyparsing/3.2.0/#files | NOASSERTION
+google-reauth | 0.1.1 | pypi | https://pypi.org/project/google-reauth/0.1.1/#files | NOASSERTION
+pyu2f | 0.1.5 | pypi | https://pypi.org/project/pyu2f/0.1.5/#files | NOASSERTION
+oauth2client | 4.1.3 | pypi | https://pypi.org/project/oauth2client/4.1.3/#files | NOASSERTION
+pyopenssl | 24.2.1 | pypi | https://pypi.org/project/pyopenssl/24.2.1/#files | NOASSERTION
+cryptography | 43.0.3 | pypi | https://pypi.org/project/cryptography/43.0.3/#files | NOASSERTION
+cffi | 1.17.1 | pypi | https://pypi.org/project/cffi/1.17.1/#files | NOASSERTION
+pycparser | 2.22 | pypi | https://pypi.org/project/pycparser/2.22/#files | NOASSERTION
+retry-decorator | 1.1.1 | pypi | https://pypi.org/project/retry-decorator/1.1.1/#files | NOASSERTION
+google-apitools | 0.5.32 | pypi | https://pypi.org/project/google-apitools/0.5.32/#files | NOASSERTION
+monotonic | 1.6 | pypi | https://pypi.org/project/monotonic/1.6/#files | NOASSERTION
+jinja2 | 3.1.4 | pypi | https://pypi.org/project/jinja2/3.1.4/#files | NOASSERTION
+markupsafe | 3.0.2 | pypi | https://pypi.org/project/markupsafe/3.0.2/#files | NOASSERTION
+jsonschema | 4.23.0 | pypi | https://pypi.org/project/jsonschema/4.23.0/#files | NOASSERTION
+jsonschema-specifications | 2024.10.1 | pypi | https://pypi.org/project/jsonschema-specifications/2024.10.1/#files | NOASSERTION
+referencing | 0.35.1 | pypi | https://pypi.org/project/referencing/0.35.1/#files | NOASSERTION
+rpds-py | 0.21.0 | pypi | https://pypi.org/project/rpds-py/0.21.0/#files | NOASSERTION
+lib4sbom | 0.7.5 | pypi | https://pypi.org/project/lib4sbom/0.7.5/#files | NOASSERTION
+pyyaml | 6.0.2 | pypi | https://pypi.org/project/pyyaml/6.0.2/#files | NOASSERTION
+semantic-version | 2.10.0 | pypi | https://pypi.org/project/semantic-version/2.10.0/#files | NOASSERTION
+lib4vex | 0.2.0 | pypi | https://pypi.org/project/lib4vex/0.2.0/#files | NOASSERTION
+csaf-tool | 0.3.2 | pypi | https://pypi.org/project/csaf-tool/0.3.2/#files | NOASSERTION
+packageurl-python | 0.16.0 | pypi | https://pypi.org/project/packageurl-python/0.16.0/#files | NOASSERTION
+rich | 13.9.4 | pypi | https://pypi.org/project/rich/13.9.4/#files | NOASSERTION
+markdown-it-py | 3.0.0 | pypi | https://pypi.org/project/markdown-it-py/3.0.0/#files | NOASSERTION
+mdurl | 0.1.2 | pypi | https://pypi.org/project/mdurl/0.1.2/#files | NOASSERTION
+pygments | 2.18.0 | pypi | https://pypi.org/project/pygments/2.18.0/#files | NOASSERTION
+packaging | 24.2 | pypi | https://pypi.org/project/packaging/24.2/#files | NOASSERTION
+plotly | 5.24.1 | pypi | https://pypi.org/project/plotly/5.24.1/#files | NOASSERTION
+tenacity | 9.0.0 | pypi | https://pypi.org/project/tenacity/9.0.0/#files | NOASSERTION
+python-gnupg | 0.5.3 | pypi | https://pypi.org/project/python-gnupg/0.5.3/#files | NOASSERTION
+requests | 2.32.3 | pypi | https://pypi.org/project/requests/2.32.3/#files | NOASSERTION
+certifi | 2024.8.30 | pypi | https://pypi.org/project/certifi/2024.8.30/#files | NOASSERTION
+charset-normalizer | 3.4.0 | pypi | https://pypi.org/project/charset-normalizer/3.4.0/#files | NOASSERTION
+urllib3 | 2.2.3 | pypi | https://pypi.org/project/urllib3/2.2.3/#files | NOASSERTION
+rpmfile | 2.1.0 | pypi | https://pypi.org/project/rpmfile/2.1.0/#files | NOASSERTION
+setuptools | 75.3.0 | pypi | https://pypi.org/project/setuptools/75.3.0/#files | NOASSERTION
+xmlschema | 3.4.3 | pypi | https://pypi.org/project/xmlschema/3.4.3/#files | NOASSERTION
+elementpath | 4.6.0 | pypi | https://pypi.org/project/elementpath/4.6.0/#files | NOASSERTION
+zipp | 3.21.0 | pypi | https://pypi.org/project/zipp/3.21.0/#files | NOASSERTION
+zstandard | 0.23.0 | pypi | https://pypi.org/project/zstandard/0.23.0/#files | NOASSERTION
+
+Name | PURL | CPE
+| -------- | -------- | -------- 
+cve-bin-tool | pkg:pypi/cve-bin-tool@3.4 | cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*:*
+aiohttp | pkg:pypi/aiohttp@3.10.10 | 
+aiohappyeyeballs | pkg:pypi/aiohappyeyeballs@2.4.3 | cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.3:*:*:*:*:*:*:*
+aiosignal | pkg:pypi/aiosignal@1.3.1 | 
+frozenlist | pkg:pypi/frozenlist@1.5.0 | 
+attrs | pkg:pypi/attrs@24.2.0 | cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:*:*:*
+multidict | pkg:pypi/multidict@6.1.0 | cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*
+yarl | pkg:pypi/yarl@1.17.1 | cpe:2.3:a:andrew_svetlov:yarl:1.17.1:*:*:*:*:*:*:*
+idna | pkg:pypi/idna@3.10 | cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
+propcache | pkg:pypi/propcache@0.2.0 | cpe:2.3:a:andrew_svetlov:propcache:0.2.0:*:*:*:*:*:*:*
+beautifulsoup4 | pkg:pypi/beautifulsoup4@4.12.3 | cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*
+soupsieve | pkg:pypi/soupsieve@2.6 | cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
+cvss | pkg:pypi/cvss@3.3 | cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.3:*:*:*:*:*:*:*
+defusedxml | pkg:pypi/defusedxml@0.7.1 | cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:*:*:*:*:*
+distro | pkg:pypi/distro@1.9.0 | cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
+filetype | pkg:pypi/filetype@1.2.0 | cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:*:*:*
+gsutil | pkg:pypi/gsutil@5.31 | cpe:2.3:a:google_inc.:gsutil:5.31:*:*:*:*:*:*:*
+argcomplete | pkg:pypi/argcomplete@3.5.1 | cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.1:*:*:*:*:*:*:*
+crcmod | pkg:pypi/crcmod@1.7 | cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
+fasteners | pkg:pypi/fasteners@0.19 | cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*:*:*
+gcs-oauth2-boto-plugin | pkg:pypi/gcs-oauth2-boto-plugin@3.2 | cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2:*:*:*:*:*:*:*
+boto | pkg:pypi/boto@2.49.0 | cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:*
+google-auth | pkg:pypi/google-auth@2.17.0 | cpe:2.3:a:google_cloud_platform:google-auth:2.17.0:*:*:*:*:*:*:*
+cachetools | pkg:pypi/cachetools@5.5.0 | cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*
+pyasn1-modules | pkg:pypi/pyasn1-modules@0.4.1 | cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*
+pyasn1 | pkg:pypi/pyasn1@0.6.1 | cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*
+rsa | pkg:pypi/rsa@4.7.2 | cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*:*
+six | pkg:pypi/six@1.16.0 | cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*:*:*
+google-auth-httplib2 | pkg:pypi/google-auth-httplib2@0.2.0 | cpe:2.3:a:google_cloud_platform:google-auth-httplib2:0.2.0:*:*:*:*:*:*:*
+httplib2 | pkg:pypi/httplib2@0.20.4 | cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*:*:*
+pyparsing | pkg:pypi/pyparsing@3.2.0 | cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*
+google-reauth | pkg:pypi/google-reauth@0.1.1 | cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*:*
+pyu2f | pkg:pypi/pyu2f@0.1.5 | cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
+oauth2client | pkg:pypi/oauth2client@4.1.3 | cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*:*:*:*
+pyopenssl | pkg:pypi/pyopenssl@24.2.1 | cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.2.1:*:*:*:*:*:*:*
+cryptography | pkg:pypi/cryptography@43.0.3 | cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*
+cffi | pkg:pypi/cffi@1.17.1 | cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:*:*:*:*:*:*:*
+pycparser | pkg:pypi/pycparser@2.22 | cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:*:*:*
+retry-decorator | pkg:pypi/retry-decorator@1.1.1 | cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*:*:*:*:*
+google-apitools | pkg:pypi/google-apitools@0.5.32 | cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*:*:*:*:*:*
+monotonic | pkg:pypi/monotonic@1.6 | cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
+jinja2 | pkg:pypi/jinja2@3.1.4 | 
+markupsafe | pkg:pypi/markupsafe@3.0.2 | 
+jsonschema | pkg:pypi/jsonschema@4.23.0 | cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:*:*:*:*
+jsonschema-specifications | pkg:pypi/jsonschema-specifications@2024.10.1 | cpe:2.3:a:julian_berman:jsonschema-specifications:2024.10.1:*:*:*:*:*:*:*
+referencing | pkg:pypi/referencing@0.35.1 | cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*:*:*:*:*
+rpds-py | pkg:pypi/rpds-py@0.21.0 | cpe:2.3:a:julian_berman:rpds-py:0.21.0:*:*:*:*:*:*:*
+lib4sbom | pkg:pypi/lib4sbom@0.7.5 | cpe:2.3:a:anthony_harrison:lib4sbom:0.7.5:*:*:*:*:*:*:*
+pyyaml | pkg:pypi/pyyaml@6.0.2 | cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*:*:*
+semantic-version | pkg:pypi/semantic-version@2.10.0 | cpe:2.3:a:raphael_barrois:semantic-version:2.10.0:*:*:*:*:*:*:*
+lib4vex | pkg:pypi/lib4vex@0.2.0 | cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*
+csaf-tool | pkg:pypi/csaf-tool@0.3.2 | cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:*:*:*:*:*
+packageurl-python | pkg:pypi/packageurl-python@0.16.0 | cpe:2.3:a:the_purl_authors:packageurl-python:0.16.0:*:*:*:*:*:*:*
+rich | pkg:pypi/rich@13.9.4 | cpe:2.3:a:will_mcgugan:rich:13.9.4:*:*:*:*:*:*:*
+markdown-it-py | pkg:pypi/markdown-it-py@3.0.0 | cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:*:*:*:*:*
+mdurl | pkg:pypi/mdurl@0.1.2 | cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:*:*
+pygments | pkg:pypi/pygments@2.18.0 | cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*:*:*
+packaging | pkg:pypi/packaging@24.2 | cpe:2.3:a:donald_stufft:packaging:24.2:*:*:*:*:*:*:*
+plotly | pkg:pypi/plotly@5.24.1 | cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
+tenacity | pkg:pypi/tenacity@9.0.0 | cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*
+python-gnupg | pkg:pypi/python-gnupg@0.5.3 | cpe:2.3:a:vinay_sajip:python-gnupg:0.5.3:*:*:*:*:*:*:*
+requests | pkg:pypi/requests@2.32.3 | cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*:*:*:*
+certifi | pkg:pypi/certifi@2024.8.30 | cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*:*:*:*:*
+charset-normalizer | pkg:pypi/charset-normalizer@3.4.0 | cpe:2.3:a:ahmed_tahri:charset-normalizer:3.4.0:*:*:*:*:*:*:*
+urllib3 | pkg:pypi/urllib3@2.2.3 | cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*
+rpmfile | pkg:pypi/rpmfile@2.1.0 | cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
+setuptools | pkg:pypi/setuptools@75.3.0 | cpe:2.3:a:python_packaging_authority:setuptools:75.3.0:*:*:*:*:*:*:*
+xmlschema | pkg:pypi/xmlschema@3.4.3 | cpe:2.3:a:davide_brunato:xmlschema:3.4.3:*:*:*:*:*:*:*
+elementpath | pkg:pypi/elementpath@4.6.0 | cpe:2.3:a:davide_brunato:elementpath:4.6.0:*:*:*:*:*:*:*
+zipp | pkg:pypi/zipp@3.21.0 | cpe:2.3:a:jason_r.:zipp:3.21.0:*:*:*:*:*:*:*
+zstandard | pkg:pypi/zstandard@0.23.0 | cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*:*:*:*
+
+# Component Type Summary
+
+Type | Count
+| -------- | -------- 
+APPLICATION | 1
+LIBRARY | 70
+
+# License Summary
+
+License | Count
+| -------- | -------- 
+Apache-2.0 | 24
+Apache-2.0 OR BSD-3-Clause | 1
+BSD-2-Clause | 2
+BSD-3-Clause | 5
+GPL-3.0-or-later | 1
+LGPL-3.0-or-later | 1
+MIT | 19
+MPL-2.0 | 1
+NOASSERTION | 15
+PSF-2.0 | 2
+
+# Supplier Summary
+
+Supplier | Count
+| -------- | -------- 
+Ahmed TAHRI (tahri.ahmed@proton.me) | 1
+Andrew Svetlov (andrew.svetlov@gmail.com) | 3
+Andrey Kislyuk (kislyuk@gmail.com) | 1
+Andrey Petrov (andrey.petrov@shazow.net) | 1
+Anthony Harrison (anthony.p.harrison@gmail.com) | 3
+Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | 1
+Benjamin Peterson (benjamin@python.org) | 1
+Chris P (chris@plot.ly) | 1
+Chris Sewell (chrisj_sewell@hotmail.com) | 1
+Christian Heimes (christian@python.org) | 1
+Craig Citro (craigcitro@google.com) | 1
+Davide Brunato (brunato@sissa.it) | 2
+Donald Stufft (donald@stufft.io) | 1
+Eli Bendersky (eliben@gmail.com) | 1
+Georg Brandl (georg@python.org) | 1
+Google (googleapis-publisher@google.com) | 1
+Google Cloud Platform (googleapis-packages@google.com) | 2
+Google Inc. (buganizer-system+187143@google.com) | 1
+Google Inc. (gs-team@google.com) | 1
+Google Inc. (jonwayne+oauth2client@google.com) | 1
+Google Inc. (pyu2f-team@google.com) | 1
+Gregory Szorc (gregory.szorc@gmail.com) | 1
+Hynek Schlawack (hs@ox.cx) | 1
+Ilya Etingof (etingof@gmail.com) | 2
+Isaac Muse (Isaac.Muse@gmail.com) | 1
+J. Nick Koston (nick@koston.org) | 1
+Jason R. (jaraco@jaraco.com) | 1
+Joe Gregorio (joe@bitworking.org) | 1
+Joshua Harlow | 1
+Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | 1
+Julian Berman (Julian+jsonschema@GrayVines.com) | 1
+Julian Berman (Julian+referencing@GrayVines.com) | 1
+Julian Berman (Julian+rpds@GrayVines.com) | 1
+Julien Danjou (julien@danjou.info) | 1
+Kenneth Reitz (me@kennethreitz.com) | 1
+Kenneth Reitz (me@kennethreitz.org) | 1
+Kim Davies (kim+pypi@gumleaf.org) | 1
+Kirill Simonov (xi@resolvent.net) | 1
+Leonard Richardson (leonardr@segfault.org) | 1
+Mitch Garnaat (mitch@garnaat.com) | 1
+NOASSERTION | 5
+Nir Cohen (nir36g@gmail.com) | 1
+Ori Livneh (ori@wikimedia.org) | 1
+Patrick Ng (pn.appdev@gmail.com) | 1
+Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | 1
+Python Packaging Authority (distutils-sig@python.org) | 1
+Raphael Barrois (raphael.barrois+semver@polytechnique.org) | 1
+Ray Buvel (rlbuvel@gmail.com) | 1
+Sean Ross (srossross@gmail.com) | 1
+Stanislav Red Hat Product Security (skontar@redhat.com) | 1
+Sybren A. Stuvel (sybren@stuvel.eu) | 1
+Taneli Hukkinen (hukkin@users.noreply.github.com) | 1
+Terri Oda (terri.oda@intel.com) | 1
+The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | 1
+The pyOpenSSL developers (cryptography-dev@python.org) | 1
+Thomas Kemmer (tkemmer@computer.org) | 1
+Tomas Aparicio (tomas@aparicio.me) | 1
+Vinay Sajip (vinay_sajip@yahoo.co.uk) | 1
+Will McGugan (willmcgugan@gmail.com) | 1
+the purl authors | 1
+
+# NTIA Summary
+
+Element | Status
+| -------- | -------- 
+All file information provided? | True
+All package information provided? | False
+Creator identified? | True
+Creation time identified? | True
+Dependency relationships provided? | True
+NTIA conformant False
diff --git a/sbom/sboms_for_humans/cve-bin-tool-py3.7.md b/sbom/sboms_for_humans/cve-bin-tool-py3.7.md
new file mode 100644
index 0000000000..5d45024c28
--- /dev/null
+++ b/sbom/sboms_for_humans/cve-bin-tool-py3.7.md
@@ -0,0 +1,329 @@
+
+# SBOM Summary
+
+Item | Details
+| -------- | -------- 
+SBOM File | cve-bin-tool-py3.7.spdx
+SBOM Type | spdx
+Version | SPDX-2.3
+Name | Python-cve-bin-tool
+Creator | Tool:sbom4python-0.9.1
+Created | 2023-06-26T00:31:57Z
+Files | 0
+Packages | 68
+Relationships | 107
+Services | 0
+Vulnerabilities | 0
+
+# Package Summary
+
+Name | Version | Type | Supplier | License
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.2.2.dev0 | APPLICATION | Terri Oda (terri.oda@intel.com) | GPL-3.0-or-later
+aiohttp | 3.8.4 | LIBRARY | NOASSERTION | Apache-2.0
+aiosignal | 1.3.1 | LIBRARY | NOASSERTION | Apache-2.0
+frozenlist | 1.3.3 | LIBRARY | NOASSERTION | Apache-2.0
+async-timeout | 4.0.2 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+typing-extensions | 4.6.3 | LIBRARY | Guido van Jukka ukasz Michael (levkivskyi@gmail.com) | NOASSERTION
+asynctest | 0.13.0 | LIBRARY | Martin Richard (martius@martiusweb.net) | Apache-2.0
+attrs | 23.1.0 | LIBRARY | Hynek Schlawack (hs@ox.cx) | NOASSERTION
+importlib-metadata | 6.7.0 | LIBRARY | Jason R. Coombs (jaraco@jaraco.com) | NOASSERTION
+zipp | 3.15.0 | LIBRARY | Jason R. Coombs (jaraco@jaraco.com) | NOASSERTION
+charset-normalizer | 3.1.0 | LIBRARY | Ahmed TAHRI (ahmed.tahri@cloudnursery.dev) | MIT
+multidict | 6.0.4 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+yarl | 1.9.2 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+idna | 3.4 | LIBRARY | Kim Davies (kim@cynosure.com.au) | NOASSERTION
+beautifulsoup4 | 4.12.2 | LIBRARY | Leonard Richardson (leonardr@segfault.org) | NOASSERTION
+soupsieve | 2.4.1 | LIBRARY | Isaac Muse (use@gmail.com) | NOASSERTION
+cvss | 2.6 | LIBRARY | Stanislav Red Hat Product Security (skontar@redhat.com) | LGPL-3.0-or-later
+defusedxml | 0.7.1 | LIBRARY | Christian Heimes (christian@python.org) | PSF-2.0
+distro | 1.8.0 | LIBRARY | Nir Cohen (nir36g@gmail.com) | Apache-2.0
+gsutil | 5.25 | LIBRARY | Google Inc. (buganizer-system+187143@google.com) | Apache-2.0
+argcomplete | 3.1.1 | LIBRARY | Andrey Kislyuk (kislyuk@gmail.com) | Apache-2.0
+crcmod | 1.7 | LIBRARY | Ray Buvel (rlbuvel@gmail.com) | MIT
+fasteners | 0.18 | LIBRARY | Joshua Harlow | Apache-2.0
+gcs-oauth2-boto-plugin | 3.0 | LIBRARY | Google Inc. (gs-team@google.com) | Apache-2.0
+boto | 2.49.0 | LIBRARY | Mitch Garnaat (mitch@garnaat.com) | MIT
+google-reauth | 0.1.1 | LIBRARY | Google (googleapis-publisher@google.com) | Apache-2.0
+pyu2f | 0.1.5 | LIBRARY | Google Inc. (pyu2f-team@google.com) | Apache-2.0
+six | 1.16.0 | LIBRARY | Benjamin Peterson (benjamin@python.org) | MIT
+httplib2 | 0.20.4 | LIBRARY | Joe Gregorio (joe@bitworking.org) | MIT
+pyparsing | 3.1.0 | LIBRARY | Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | NOASSERTION
+oauth2client | 4.1.3 | LIBRARY | Google Inc. (jonwayne+oauth2client@google.com) | Apache-2.0
+pyasn1 | 0.5.0 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-2-Clause
+pyasn1-modules | 0.3.0 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-3-Clause
+rsa | 4.7.2 | LIBRARY | Sybren A. Stuvel (sybren@stuvel.eu) | Apache-2.0
+pyopenssl | 23.2.0 | LIBRARY | The pyOpenSSL developers (cryptography-dev@python.org) | Apache-2.0
+cryptography | 41.0.1 | LIBRARY | The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | Apache-2.0 OR BSD-3-Clause
+cffi | 1.15.1 | LIBRARY | Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | MIT
+pycparser | 2.21 | LIBRARY | Eli Bendersky (eliben@gmail.com) | BSD-3-Clause
+retry-decorator | 1.1.1 | LIBRARY | Patrick Ng (pn.appdev@gmail.com) | MIT
+google-apitools | 0.5.32 | LIBRARY | Craig Citro (craigcitro@google.com) | Apache-2.0
+google-auth | 2.20.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+cachetools | 5.3.1 | LIBRARY | Thomas Kemmer (tkemmer@computer.org) | MIT
+urllib3 | 1.26.16 | LIBRARY | Andrey Petrov (andrey.petrov@shazow.net) | MIT
+monotonic | 1.6 | LIBRARY | Ori Livneh (ori@wikimedia.org) | Apache-2.0
+importlib-resources | 5.12.0 | LIBRARY | Barry Warsaw (barry@python.org) | NOASSERTION
+jinja2 | 3.1.2 | LIBRARY | Armin Ronacher (armin.ronacher@active-4.com) | BSD-3-Clause
+markupsafe | 2.1.3 | LIBRARY | NOASSERTION | BSD-3-Clause
+jsonschema | 4.17.3 | LIBRARY | Julian Berman | MIT
+pkgutil-resolve-name | 1.3.10 | LIBRARY | Vinay Sajip (vinay_sajip@yahoo.co.uk) | NOASSERTION
+pyrsistent | 0.19.3 | LIBRARY | Tobias Gustafsson (tobias.l.gustafsson@gmail.com) | MIT
+lib4sbom | 0.3.1 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+pyyaml | 6.0 | LIBRARY | Kirill Simonov (xi@resolvent.net) | MIT
+semantic-version | 2.10.0 | LIBRARY | Raphael Barrois (raphael.barrois+semver@polytechnique.org) | BSD-3-Clause
+packaging | 21.3 | LIBRARY | Donald Stufft and individual contributors (donald@stufft.io) | BSD-2-Clause OR Apache-2.0
+plotly | 5.15.0 | LIBRARY | Chris P (chris@plot.ly) | MIT
+tenacity | 8.2.2 | LIBRARY | Julien Danjou (julien@danjou.info) | Apache-2.0
+python-gnupg | 0.5.0 | LIBRARY | Vinay Sajip (vinay_sajip@yahoo.co.uk) | BSD-3-Clause
+requests | 2.31.0 | LIBRARY | Kenneth Reitz (me@kennethreitz.org) | Apache-2.0
+certifi | 2023.5.7 | LIBRARY | Kenneth Reitz (me@kennethreitz.com) | MPL-2.0
+rich | 13.4.2 | LIBRARY | Will McGugan (willmcgugan@gmail.com) | MIT
+markdown-it-py | 2.2.0 | LIBRARY | Chris Sewell (chrisj_sewell@hotmail.com) | NOASSERTION
+mdurl | 0.1.2 | LIBRARY | Taneli Hukkinen (hukkin@users.noreply.github.com) | NOASSERTION
+pygments | 2.15.1 | LIBRARY | Georg Brandl (georg@python.org) | BSD-2-Clause
+rpmfile | 1.1.1 | LIBRARY | Sean Ross (srossross@gmail.com) | MIT
+toml | 0.10.2 | LIBRARY | William Pearson (uiri@xqz.ca) | MIT
+xmlschema | 2.3.1 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+elementpath | 4.1.3 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+zstandard | 0.21.0 | LIBRARY | Gregory Szorc (gregory.szorc@gmail.com) | BSD-3-Clause
+
+Name | Version | Ecosystem | Download | Copyright
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.2.2.dev0 | pypi | https://pypi.org/project/cve-bin-tool/3.2.2.dev0 | NOASSERTION
+aiohttp | 3.8.4 | pypi | https://pypi.org/project/aiohttp/3.8.4 | NOASSERTION
+aiosignal | 1.3.1 | pypi | https://pypi.org/project/aiosignal/1.3.1 | NOASSERTION
+frozenlist | 1.3.3 | pypi | https://pypi.org/project/frozenlist/1.3.3 | NOASSERTION
+async-timeout | 4.0.2 | pypi | https://pypi.org/project/async-timeout/4.0.2 | NOASSERTION
+typing-extensions | 4.6.3 | pypi | https://pypi.org/project/typing_extensions/4.6.3 | NOASSERTION
+asynctest | 0.13.0 | pypi | https://pypi.org/project/asynctest/0.13.0 | NOASSERTION
+attrs | 23.1.0 | pypi | https://pypi.org/project/attrs/23.1.0 | NOASSERTION
+importlib-metadata | 6.7.0 | pypi | https://pypi.org/project/importlib-metadata/6.7.0 | NOASSERTION
+zipp | 3.15.0 | pypi | https://pypi.org/project/zipp/3.15.0 | NOASSERTION
+charset-normalizer | 3.1.0 | pypi | https://pypi.org/project/charset-normalizer/3.1.0 | NOASSERTION
+multidict | 6.0.4 | pypi | https://pypi.org/project/multidict/6.0.4 | NOASSERTION
+yarl | 1.9.2 | pypi | https://pypi.org/project/yarl/1.9.2 | NOASSERTION
+idna | 3.4 | pypi | https://pypi.org/project/idna/3.4 | NOASSERTION
+beautifulsoup4 | 4.12.2 | pypi | https://pypi.org/project/beautifulsoup4/4.12.2 | NOASSERTION
+soupsieve | 2.4.1 | pypi | https://pypi.org/project/soupsieve/2.4.1 | NOASSERTION
+cvss | 2.6 | pypi | https://pypi.org/project/cvss/2.6 | NOASSERTION
+defusedxml | 0.7.1 | pypi | https://pypi.org/project/defusedxml/0.7.1 | NOASSERTION
+distro | 1.8.0 | pypi | https://pypi.org/project/distro/1.8.0 | NOASSERTION
+gsutil | 5.25 | pypi | https://pypi.org/project/gsutil/5.25 | NOASSERTION
+argcomplete | 3.1.1 | pypi | https://pypi.org/project/argcomplete/3.1.1 | NOASSERTION
+crcmod | 1.7 | pypi | https://pypi.org/project/crcmod/1.7 | NOASSERTION
+fasteners | 0.18 | pypi | https://pypi.org/project/fasteners/0.18 | NOASSERTION
+gcs-oauth2-boto-plugin | 3.0 | pypi | https://pypi.org/project/gcs-oauth2-boto-plugin/3.0 | NOASSERTION
+boto | 2.49.0 | pypi | https://pypi.org/project/boto/2.49.0 | NOASSERTION
+google-reauth | 0.1.1 | pypi | https://pypi.org/project/google-reauth/0.1.1 | NOASSERTION
+pyu2f | 0.1.5 | pypi | https://pypi.org/project/pyu2f/0.1.5 | NOASSERTION
+six | 1.16.0 | pypi | https://pypi.org/project/six/1.16.0 | NOASSERTION
+httplib2 | 0.20.4 | pypi | https://pypi.org/project/httplib2/0.20.4 | NOASSERTION
+pyparsing | 3.1.0 | pypi | https://pypi.org/project/pyparsing/3.1.0 | NOASSERTION
+oauth2client | 4.1.3 | pypi | https://pypi.org/project/oauth2client/4.1.3 | NOASSERTION
+pyasn1 | 0.5.0 | pypi | https://pypi.org/project/pyasn1/0.5.0 | NOASSERTION
+pyasn1-modules | 0.3.0 | pypi | https://pypi.org/project/pyasn1-modules/0.3.0 | NOASSERTION
+rsa | 4.7.2 | pypi | https://pypi.org/project/rsa/4.7.2 | NOASSERTION
+pyopenssl | 23.2.0 | pypi | https://pypi.org/project/pyOpenSSL/23.2.0 | NOASSERTION
+cryptography | 41.0.1 | pypi | https://pypi.org/project/cryptography/41.0.1 | NOASSERTION
+cffi | 1.15.1 | pypi | https://pypi.org/project/cffi/1.15.1 | NOASSERTION
+pycparser | 2.21 | pypi | https://pypi.org/project/pycparser/2.21 | NOASSERTION
+retry-decorator | 1.1.1 | pypi | https://pypi.org/project/retry-decorator/1.1.1 | NOASSERTION
+google-apitools | 0.5.32 | pypi | https://pypi.org/project/google-apitools/0.5.32 | NOASSERTION
+google-auth | 2.20.0 | pypi | https://pypi.org/project/google-auth/2.20.0 | NOASSERTION
+cachetools | 5.3.1 | pypi | https://pypi.org/project/cachetools/5.3.1 | NOASSERTION
+urllib3 | 1.26.16 | pypi | https://pypi.org/project/urllib3/1.26.16 | NOASSERTION
+monotonic | 1.6 | pypi | https://pypi.org/project/monotonic/1.6 | NOASSERTION
+importlib-resources | 5.12.0 | pypi | https://pypi.org/project/importlib-resources/5.12.0 | NOASSERTION
+jinja2 | 3.1.2 | pypi | https://pypi.org/project/Jinja2/3.1.2 | NOASSERTION
+markupsafe | 2.1.3 | pypi | https://pypi.org/project/MarkupSafe/2.1.3 | NOASSERTION
+jsonschema | 4.17.3 | pypi | https://pypi.org/project/jsonschema/4.17.3 | NOASSERTION
+pkgutil-resolve-name | 1.3.10 | pypi | https://pypi.org/project/pkgutil_resolve_name/1.3.10 | NOASSERTION
+pyrsistent | 0.19.3 | pypi | https://pypi.org/project/pyrsistent/0.19.3 | NOASSERTION
+lib4sbom | 0.3.1 | pypi | https://pypi.org/project/lib4sbom/0.3.1 | NOASSERTION
+pyyaml | 6.0 | pypi | https://pypi.org/project/PyYAML/6.0 | NOASSERTION
+semantic-version | 2.10.0 | pypi | https://pypi.org/project/semantic-version/2.10.0 | NOASSERTION
+packaging | 21.3 | pypi | https://pypi.org/project/packaging/21.3 | NOASSERTION
+plotly | 5.15.0 | pypi | https://pypi.org/project/plotly/5.15.0 | NOASSERTION
+tenacity | 8.2.2 | pypi | https://pypi.org/project/tenacity/8.2.2 | NOASSERTION
+python-gnupg | 0.5.0 | pypi | https://pypi.org/project/python-gnupg/0.5.0 | NOASSERTION
+requests | 2.31.0 | pypi | https://pypi.org/project/requests/2.31.0 | NOASSERTION
+certifi | 2023.5.7 | pypi | https://pypi.org/project/certifi/2023.5.7 | NOASSERTION
+rich | 13.4.2 | pypi | https://pypi.org/project/rich/13.4.2 | NOASSERTION
+markdown-it-py | 2.2.0 | pypi | https://pypi.org/project/markdown-it-py/2.2.0 | NOASSERTION
+mdurl | 0.1.2 | pypi | https://pypi.org/project/mdurl/0.1.2 | NOASSERTION
+pygments | 2.15.1 | pypi | https://pypi.org/project/Pygments/2.15.1 | NOASSERTION
+rpmfile | 1.1.1 | pypi | https://pypi.org/project/rpmfile/1.1.1 | NOASSERTION
+toml | 0.10.2 | pypi | https://pypi.org/project/toml/0.10.2 | NOASSERTION
+xmlschema | 2.3.1 | pypi | https://pypi.org/project/xmlschema/2.3.1 | NOASSERTION
+elementpath | 4.1.3 | pypi | https://pypi.org/project/elementpath/4.1.3 | NOASSERTION
+zstandard | 0.21.0 | pypi | https://pypi.org/project/zstandard/0.21.0 | NOASSERTION
+
+Name | PURL | CPE
+| -------- | -------- | -------- 
+cve-bin-tool | pkg:pypi/cve-bin-tool@3.2.2.dev0 | cpe:2.3:a:terri_oda:cve-bin-tool:3.2.2.dev0:*:*:*:*:*:*:*
+aiohttp | pkg:pypi/aiohttp@3.8.4 | 
+aiosignal | pkg:pypi/aiosignal@1.3.1 | 
+frozenlist | pkg:pypi/frozenlist@1.3.3 | 
+async-timeout | pkg:pypi/async-timeout@4.0.2 | cpe:2.3:a:andrew_svetlov:async-timeout:4.0.2:*:*:*:*:*:*:*
+typing-extensions | pkg:pypi/typing-extensions@4.6.3 | cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.6.3:*:*:*:*:*:*:*
+asynctest | pkg:pypi/asynctest@0.13.0 | cpe:2.3:a:martin_richard:asynctest:0.13.0:*:*:*:*:*:*:*
+attrs | pkg:pypi/attrs@23.1.0 | cpe:2.3:a:hynek_schlawack:attrs:23.1.0:*:*:*:*:*:*:*
+importlib-metadata | pkg:pypi/importlib-metadata@6.7.0 | cpe:2.3:a:jason_r._coombs:importlib-metadata:6.7.0:*:*:*:*:*:*:*
+zipp | pkg:pypi/zipp@3.15.0 | cpe:2.3:a:jason_r._coombs:zipp:3.15.0:*:*:*:*:*:*:*
+charset-normalizer | pkg:pypi/charset-normalizer@3.1.0 | cpe:2.3:a:ahmed_tahri:charset-normalizer:3.1.0:*:*:*:*:*:*:*
+multidict | pkg:pypi/multidict@6.0.4 | cpe:2.3:a:andrew_svetlov:multidict:6.0.4:*:*:*:*:*:*:*
+yarl | pkg:pypi/yarl@1.9.2 | cpe:2.3:a:andrew_svetlov:yarl:1.9.2:*:*:*:*:*:*:*
+idna | pkg:pypi/idna@3.4 | cpe:2.3:a:kim_davies:idna:3.4:*:*:*:*:*:*:*
+beautifulsoup4 | pkg:pypi/beautifulsoup4@4.12.2 | cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.2:*:*:*:*:*:*:*
+soupsieve | pkg:pypi/soupsieve@2.4.1 | cpe:2.3:a:isaac_muse:soupsieve:2.4.1:*:*:*:*:*:*:*
+cvss | pkg:pypi/cvss@2.6 | cpe:2.3:a:stanislav_red_hat_product_security:cvss:2.6:*:*:*:*:*:*:*
+defusedxml | pkg:pypi/defusedxml@0.7.1 | cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:*:*:*:*:*
+distro | pkg:pypi/distro@1.8.0 | cpe:2.3:a:nir_cohen:distro:1.8.0:*:*:*:*:*:*:*
+gsutil | pkg:pypi/gsutil@5.25 | cpe:2.3:a:google_inc.:gsutil:5.25:*:*:*:*:*:*:*
+argcomplete | pkg:pypi/argcomplete@3.1.1 | cpe:2.3:a:andrey_kislyuk:argcomplete:3.1.1:*:*:*:*:*:*:*
+crcmod | pkg:pypi/crcmod@1.7 | cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
+fasteners | pkg:pypi/fasteners@0.18 | cpe:2.3:a:joshua_harlow:fasteners:0.18:*:*:*:*:*:*:*
+gcs-oauth2-boto-plugin | pkg:pypi/gcs-oauth2-boto-plugin@3.0 | cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.0:*:*:*:*:*:*:*
+boto | pkg:pypi/boto@2.49.0 | cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:*
+google-reauth | pkg:pypi/google-reauth@0.1.1 | cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*:*
+pyu2f | pkg:pypi/pyu2f@0.1.5 | cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
+six | pkg:pypi/six@1.16.0 | cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*:*:*
+httplib2 | pkg:pypi/httplib2@0.20.4 | cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*:*:*
+pyparsing | pkg:pypi/pyparsing@3.1.0 | cpe:2.3:a:paul_mcguire:pyparsing:3.1.0:*:*:*:*:*:*:*
+oauth2client | pkg:pypi/oauth2client@4.1.3 | cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*:*:*:*
+pyasn1 | pkg:pypi/pyasn1@0.5.0 | cpe:2.3:a:ilya_etingof:pyasn1:0.5.0:*:*:*:*:*:*:*
+pyasn1-modules | pkg:pypi/pyasn1-modules@0.3.0 | cpe:2.3:a:ilya_etingof:pyasn1-modules:0.3.0:*:*:*:*:*:*:*
+rsa | pkg:pypi/rsa@4.7.2 | cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*:*
+pyopenssl | pkg:pypi/pyopenssl@23.2.0 | cpe:2.3:a:the_pyopenssl_developers:pyopenssl:23.2.0:*:*:*:*:*:*:*
+cryptography | pkg:pypi/cryptography@41.0.1 | cpe:2.3:a:the_python_cryptographic_authority_and_individual_contributors:cryptography:41.0.1:*:*:*:*:*:*:*
+cffi | pkg:pypi/cffi@1.15.1 | cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.15.1:*:*:*:*:*:*:*
+pycparser | pkg:pypi/pycparser@2.21 | cpe:2.3:a:eli_bendersky:pycparser:2.21:*:*:*:*:*:*:*
+retry-decorator | pkg:pypi/retry-decorator@1.1.1 | cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*:*:*:*:*
+google-apitools | pkg:pypi/google-apitools@0.5.32 | cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*:*:*:*:*:*
+google-auth | pkg:pypi/google-auth@2.20.0 | cpe:2.3:a:google_cloud_platform:google-auth:2.20.0:*:*:*:*:*:*:*
+cachetools | pkg:pypi/cachetools@5.3.1 | cpe:2.3:a:thomas_kemmer:cachetools:5.3.1:*:*:*:*:*:*:*
+urllib3 | pkg:pypi/urllib3@1.26.16 | cpe:2.3:a:andrey_petrov:urllib3:1.26.16:*:*:*:*:*:*:*
+monotonic | pkg:pypi/monotonic@1.6 | cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
+importlib-resources | pkg:pypi/importlib-resources@5.12.0 | cpe:2.3:a:barry_warsaw:importlib-resources:5.12.0:*:*:*:*:*:*:*
+jinja2 | pkg:pypi/jinja2@3.1.2 | cpe:2.3:a:armin_ronacher:jinja2:3.1.2:*:*:*:*:*:*:*
+markupsafe | pkg:pypi/markupsafe@2.1.3 | 
+jsonschema | pkg:pypi/jsonschema@4.17.3 | cpe:2.3:a:julian_berman:jsonschema:4.17.3:*:*:*:*:*:*:*
+pkgutil-resolve-name | pkg:pypi/pkgutil-resolve-name@1.3.10 | cpe:2.3:a:vinay_sajip:pkgutil-resolve-name:1.3.10:*:*:*:*:*:*:*
+pyrsistent | pkg:pypi/pyrsistent@0.19.3 | cpe:2.3:a:tobias_gustafsson:pyrsistent:0.19.3:*:*:*:*:*:*:*
+lib4sbom | pkg:pypi/lib4sbom@0.3.1 | cpe:2.3:a:anthony_harrison:lib4sbom:0.3.1:*:*:*:*:*:*:*
+pyyaml | pkg:pypi/pyyaml@6.0 | cpe:2.3:a:kirill_simonov:pyyaml:6.0:*:*:*:*:*:*:*
+semantic-version | pkg:pypi/semantic-version@2.10.0 | cpe:2.3:a:raphael_barrois:semantic-version:2.10.0:*:*:*:*:*:*:*
+packaging | pkg:pypi/packaging@21.3 | cpe:2.3:a:donald_stufft_and_individual_contributors:packaging:21.3:*:*:*:*:*:*:*
+plotly | pkg:pypi/plotly@5.15.0 | cpe:2.3:a:chris_p:plotly:5.15.0:*:*:*:*:*:*:*
+tenacity | pkg:pypi/tenacity@8.2.2 | cpe:2.3:a:julien_danjou:tenacity:8.2.2:*:*:*:*:*:*:*
+python-gnupg | pkg:pypi/python-gnupg@0.5.0 | cpe:2.3:a:vinay_sajip:python-gnupg:0.5.0:*:*:*:*:*:*:*
+requests | pkg:pypi/requests@2.31.0 | cpe:2.3:a:kenneth_reitz:requests:2.31.0:*:*:*:*:*:*:*
+certifi | pkg:pypi/certifi@2023.5.7 | cpe:2.3:a:kenneth_reitz:certifi:2023.5.7:*:*:*:*:*:*:*
+rich | pkg:pypi/rich@13.4.2 | cpe:2.3:a:will_mcgugan:rich:13.4.2:*:*:*:*:*:*:*
+markdown-it-py | pkg:pypi/markdown-it-py@2.2.0 | cpe:2.3:a:chris_sewell:markdown-it-py:2.2.0:*:*:*:*:*:*:*
+mdurl | pkg:pypi/mdurl@0.1.2 | cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:*:*
+pygments | pkg:pypi/pygments@2.15.1 | cpe:2.3:a:georg_brandl:pygments:2.15.1:*:*:*:*:*:*:*
+rpmfile | pkg:pypi/rpmfile@1.1.1 | cpe:2.3:a:sean_ross:rpmfile:1.1.1:*:*:*:*:*:*:*
+toml | pkg:pypi/toml@0.10.2 | cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:*:*
+xmlschema | pkg:pypi/xmlschema@2.3.1 | cpe:2.3:a:davide_brunato:xmlschema:2.3.1:*:*:*:*:*:*:*
+elementpath | pkg:pypi/elementpath@4.1.3 | cpe:2.3:a:davide_brunato:elementpath:4.1.3:*:*:*:*:*:*:*
+zstandard | pkg:pypi/zstandard@0.21.0 | cpe:2.3:a:gregory_szorc:zstandard:0.21.0:*:*:*:*:*:*:*
+
+# Component Type Summary
+
+Type | Count
+| -------- | -------- 
+APPLICATION | 1
+LIBRARY | 67
+
+# License Summary
+
+License | Count
+| -------- | -------- 
+Apache-2.0 | 23
+Apache-2.0 OR BSD-3-Clause | 1
+BSD-2-Clause | 2
+BSD-2-Clause OR Apache-2.0 | 1
+BSD-3-Clause | 7
+GPL-3.0-or-later | 1
+LGPL-3.0-or-later | 1
+MIT | 18
+MPL-2.0 | 1
+NOASSERTION | 12
+PSF-2.0 | 1
+
+# Supplier Summary
+
+Supplier | Count
+| -------- | -------- 
+Ahmed TAHRI (ahmed.tahri@cloudnursery.dev) | 1
+Andrew Svetlov (andrew.svetlov@gmail.com) | 3
+Andrey Kislyuk (kislyuk@gmail.com) | 1
+Andrey Petrov (andrey.petrov@shazow.net) | 1
+Anthony Harrison (anthony.p.harrison@gmail.com) | 1
+Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | 1
+Armin Ronacher (armin.ronacher@active-4.com) | 1
+Barry Warsaw (barry@python.org) | 1
+Benjamin Peterson (benjamin@python.org) | 1
+Chris P (chris@plot.ly) | 1
+Chris Sewell (chrisj_sewell@hotmail.com) | 1
+Christian Heimes (christian@python.org) | 1
+Craig Citro (craigcitro@google.com) | 1
+Davide Brunato (brunato@sissa.it) | 2
+Donald Stufft and individual contributors (donald@stufft.io) | 1
+Eli Bendersky (eliben@gmail.com) | 1
+Georg Brandl (georg@python.org) | 1
+Google (googleapis-publisher@google.com) | 1
+Google Cloud Platform (googleapis-packages@google.com) | 1
+Google Inc. (buganizer-system+187143@google.com) | 1
+Google Inc. (gs-team@google.com) | 1
+Google Inc. (jonwayne+oauth2client@google.com) | 1
+Google Inc. (pyu2f-team@google.com) | 1
+Gregory Szorc (gregory.szorc@gmail.com) | 1
+Guido van Jukka ukasz Michael (levkivskyi@gmail.com) | 1
+Hynek Schlawack (hs@ox.cx) | 1
+Ilya Etingof (etingof@gmail.com) | 2
+Isaac Muse (use@gmail.com) | 1
+Jason R. Coombs (jaraco@jaraco.com) | 2
+Joe Gregorio (joe@bitworking.org) | 1
+Joshua Harlow | 1
+Julian Berman | 1
+Julien Danjou (julien@danjou.info) | 1
+Kenneth Reitz (me@kennethreitz.com) | 1
+Kenneth Reitz (me@kennethreitz.org) | 1
+Kim Davies (kim@cynosure.com.au) | 1
+Kirill Simonov (xi@resolvent.net) | 1
+Leonard Richardson (leonardr@segfault.org) | 1
+Martin Richard (martius@martiusweb.net) | 1
+Mitch Garnaat (mitch@garnaat.com) | 1
+NOASSERTION | 4
+Nir Cohen (nir36g@gmail.com) | 1
+Ori Livneh (ori@wikimedia.org) | 1
+Patrick Ng (pn.appdev@gmail.com) | 1
+Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | 1
+Raphael Barrois (raphael.barrois+semver@polytechnique.org) | 1
+Ray Buvel (rlbuvel@gmail.com) | 1
+Sean Ross (srossross@gmail.com) | 1
+Stanislav Red Hat Product Security (skontar@redhat.com) | 1
+Sybren A. Stuvel (sybren@stuvel.eu) | 1
+Taneli Hukkinen (hukkin@users.noreply.github.com) | 1
+Terri Oda (terri.oda@intel.com) | 1
+The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | 1
+The pyOpenSSL developers (cryptography-dev@python.org) | 1
+Thomas Kemmer (tkemmer@computer.org) | 1
+Tobias Gustafsson (tobias.l.gustafsson@gmail.com) | 1
+Vinay Sajip (vinay_sajip@yahoo.co.uk) | 2
+Will McGugan (willmcgugan@gmail.com) | 1
+William Pearson (uiri@xqz.ca) | 1
+
+# NTIA Summary
+
+Element | Status
+| -------- | -------- 
+All file information provided? | True
+All package information provided? | False
+Creator identified? | True
+Creation time identified? | True
+Dependency relationships provided? | True
+NTIA conformant False
diff --git a/sbom/sboms_for_humans/cve-bin-tool-py3.8.md b/sbom/sboms_for_humans/cve-bin-tool-py3.8.md
new file mode 100644
index 0000000000..2240596838
--- /dev/null
+++ b/sbom/sboms_for_humans/cve-bin-tool-py3.8.md
@@ -0,0 +1,359 @@
+
+# SBOM Summary
+
+Item | Details
+| -------- | -------- 
+SBOM File | cve-bin-tool-py3.8.spdx
+SBOM Type | spdx
+Version | SPDX-2.3
+Name | Python-cve-bin-tool
+Creator | Tool:sbom4python-0.11.3
+Created | 2024-11-11T00:36:58Z
+Files | 0
+Packages | 77
+Relationships | 119
+Services | 0
+Vulnerabilities | 0
+
+# Package Summary
+
+Name | Version | Type | Supplier | License
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | APPLICATION | Terri Oda (terri.oda@intel.com) | GPL-3.0-or-later
+aiohttp | 3.10.10 | LIBRARY | NOASSERTION | Apache-2.0
+aiohappyeyeballs | 2.4.3 | LIBRARY | J. Nick Koston (nick@koston.org) | PSF-2.0
+aiosignal | 1.3.1 | LIBRARY | NOASSERTION | Apache-2.0
+frozenlist | 1.5.0 | LIBRARY | NOASSERTION | Apache-2.0
+async-timeout | 4.0.3 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+attrs | 24.2.0 | LIBRARY | Hynek Schlawack (hs@ox.cx) | NOASSERTION
+multidict | 6.1.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+typing-extensions | 4.12.2 | LIBRARY | Guido van Jukka ukasz Michael (levkivskyi@gmail.com) | NOASSERTION
+yarl | 1.15.2 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+idna | 3.10 | LIBRARY | Kim Davies (kim+pypi@gumleaf.org) | NOASSERTION
+propcache | 0.2.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+beautifulsoup4 | 4.12.3 | LIBRARY | Leonard Richardson (leonardr@segfault.org) | MIT
+soupsieve | 2.6 | LIBRARY | Isaac Muse (Isaac.Muse@gmail.com) | NOASSERTION
+cvss | 3.3 | LIBRARY | Stanislav Red Hat Product Security (skontar@redhat.com) | LGPL-3.0-or-later
+defusedxml | 0.7.1 | LIBRARY | Christian Heimes (christian@python.org) | PSF-2.0
+distro | 1.9.0 | LIBRARY | Nir Cohen (nir36g@gmail.com) | Apache-2.0
+filetype | 1.2.0 | LIBRARY | Tomas Aparicio (tomas@aparicio.me) | MIT
+gsutil | 5.31 | LIBRARY | Google Inc. (buganizer-system+187143@google.com) | Apache-2.0
+argcomplete | 3.5.1 | LIBRARY | Andrey Kislyuk (kislyuk@gmail.com) | Apache-2.0
+crcmod | 1.7 | LIBRARY | Ray Buvel (rlbuvel@gmail.com) | MIT
+fasteners | 0.19 | LIBRARY | Joshua Harlow | Apache-2.0
+gcs-oauth2-boto-plugin | 3.2 | LIBRARY | Google Inc. (gs-team@google.com) | Apache-2.0
+boto | 2.49.0 | LIBRARY | Mitch Garnaat (mitch@garnaat.com) | MIT
+google-auth | 2.17.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+cachetools | 5.5.0 | LIBRARY | Thomas Kemmer (tkemmer@computer.org) | MIT
+pyasn1-modules | 0.4.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-3-Clause
+pyasn1 | 0.6.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-2-Clause
+rsa | 4.7.2 | LIBRARY | Sybren A. Stuvel (sybren@stuvel.eu) | Apache-2.0
+six | 1.16.0 | LIBRARY | Benjamin Peterson (benjamin@python.org) | MIT
+google-auth-httplib2 | 0.2.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+httplib2 | 0.20.4 | LIBRARY | Joe Gregorio (joe@bitworking.org) | MIT
+pyparsing | 3.1.4 | LIBRARY | Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | NOASSERTION
+google-reauth | 0.1.1 | LIBRARY | Google (googleapis-publisher@google.com) | Apache-2.0
+pyu2f | 0.1.5 | LIBRARY | Google Inc. (pyu2f-team@google.com) | Apache-2.0
+oauth2client | 4.1.3 | LIBRARY | Google Inc. (jonwayne+oauth2client@google.com) | Apache-2.0
+pyopenssl | 24.2.1 | LIBRARY | The pyOpenSSL developers (cryptography-dev@python.org) | Apache-2.0
+cryptography | 43.0.3 | LIBRARY | The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | Apache-2.0 OR BSD-3-Clause
+cffi | 1.17.1 | LIBRARY | Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | MIT
+pycparser | 2.22 | LIBRARY | Eli Bendersky (eliben@gmail.com) | BSD-3-Clause
+retry-decorator | 1.1.1 | LIBRARY | Patrick Ng (pn.appdev@gmail.com) | MIT
+google-apitools | 0.5.32 | LIBRARY | Craig Citro (craigcitro@google.com) | Apache-2.0
+monotonic | 1.6 | LIBRARY | Ori Livneh (ori@wikimedia.org) | Apache-2.0
+importlib-metadata | 8.5.0 | LIBRARY | Jason R. (jaraco@jaraco.com) | NOASSERTION
+zipp | 3.20.2 | LIBRARY | Jason R. (jaraco@jaraco.com) | NOASSERTION
+importlib-resources | 6.4.5 | LIBRARY | Barry Warsaw (barry@python.org) | NOASSERTION
+jinja2 | 3.1.4 | LIBRARY | NOASSERTION | NOASSERTION
+markupsafe | 2.1.5 | LIBRARY | NOASSERTION | BSD-3-Clause
+jsonschema | 4.23.0 | LIBRARY | Julian Berman (Julian+jsonschema@GrayVines.com) | MIT
+jsonschema-specifications | 2023.12.1 | LIBRARY | Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | MIT
+referencing | 0.35.1 | LIBRARY | Julian Berman (Julian+referencing@GrayVines.com) | NOASSERTION
+rpds-py | 0.20.1 | LIBRARY | Julian Berman (Julian+rpds@GrayVines.com) | MIT
+pkgutil-resolve-name | 1.3.10 | LIBRARY | Vinay Sajip (vinay_sajip@yahoo.co.uk) | NOASSERTION
+lib4sbom | 0.7.5 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+pyyaml | 6.0.2 | LIBRARY | Kirill Simonov (xi@resolvent.net) | MIT
+semantic-version | 2.10.0 | LIBRARY | Raphael Barrois (raphael.barrois+semver@polytechnique.org) | BSD-3-Clause
+lib4vex | 0.2.0 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+csaf-tool | 0.3.2 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | MIT
+packageurl-python | 0.16.0 | LIBRARY | the purl authors | MIT
+rich | 13.9.4 | LIBRARY | Will McGugan (willmcgugan@gmail.com) | MIT
+markdown-it-py | 3.0.0 | LIBRARY | Chris Sewell (chrisj_sewell@hotmail.com) | NOASSERTION
+mdurl | 0.1.2 | LIBRARY | Taneli Hukkinen (hukkin@users.noreply.github.com) | NOASSERTION
+pygments | 2.18.0 | LIBRARY | Georg Brandl (georg@python.org) | BSD-2-Clause
+packaging | 24.2 | LIBRARY | Donald Stufft (donald@stufft.io) | NOASSERTION
+plotly | 5.24.1 | LIBRARY | Chris P (chris@plot.ly) | MIT
+tenacity | 9.0.0 | LIBRARY | Julien Danjou (julien@danjou.info) | Apache-2.0
+python-gnupg | 0.5.3 | LIBRARY | Vinay Sajip (vinay_sajip@yahoo.co.uk) | BSD-3-Clause
+requests | 2.32.3 | LIBRARY | Kenneth Reitz (me@kennethreitz.org) | Apache-2.0
+certifi | 2024.8.30 | LIBRARY | Kenneth Reitz (me@kennethreitz.com) | MPL-2.0
+charset-normalizer | 3.4.0 | LIBRARY | Ahmed TAHRI (tahri.ahmed@proton.me) | MIT
+urllib3 | 2.2.3 | LIBRARY | Andrey Petrov (andrey.petrov@shazow.net) | NOASSERTION
+rpmfile | 2.1.0 | LIBRARY | Sean Ross (srossross@gmail.com) | MIT
+setuptools | 75.3.0 | LIBRARY | Python Packaging Authority (distutils-sig@python.org) | NOASSERTION
+toml | 0.10.2 | LIBRARY | William Pearson (uiri@xqz.ca) | MIT
+xmlschema | 3.4.3 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+elementpath | 4.6.0 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+zstandard | 0.23.0 | LIBRARY | Gregory Szorc (gregory.szorc@gmail.com) | BSD-3-Clause
+
+Name | Version | Ecosystem | Download | Copyright
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | pypi | https://pypi.org/project/cve-bin-tool/3.4/#files | NOASSERTION
+aiohttp | 3.10.10 | pypi | https://pypi.org/project/aiohttp/3.10.10/#files | NOASSERTION
+aiohappyeyeballs | 2.4.3 | pypi | https://pypi.org/project/aiohappyeyeballs/2.4.3/#files | NOASSERTION
+aiosignal | 1.3.1 | pypi | https://pypi.org/project/aiosignal/1.3.1/#files | NOASSERTION
+frozenlist | 1.5.0 | pypi | https://pypi.org/project/frozenlist/1.5.0/#files | NOASSERTION
+async-timeout | 4.0.3 | pypi | https://pypi.org/project/async-timeout/4.0.3/#files | NOASSERTION
+attrs | 24.2.0 | pypi | https://pypi.org/project/attrs/24.2.0/#files | NOASSERTION
+multidict | 6.1.0 | pypi | https://pypi.org/project/multidict/6.1.0/#files | NOASSERTION
+typing-extensions | 4.12.2 | pypi | https://pypi.org/project/typing-extensions/4.12.2/#files | NOASSERTION
+yarl | 1.15.2 | pypi | https://pypi.org/project/yarl/1.15.2/#files | NOASSERTION
+idna | 3.10 | pypi | https://pypi.org/project/idna/3.10/#files | NOASSERTION
+propcache | 0.2.0 | pypi | https://pypi.org/project/propcache/0.2.0/#files | NOASSERTION
+beautifulsoup4 | 4.12.3 | pypi | https://pypi.org/project/beautifulsoup4/4.12.3/#files | NOASSERTION
+soupsieve | 2.6 | pypi | https://pypi.org/project/soupsieve/2.6/#files | NOASSERTION
+cvss | 3.3 | pypi | https://pypi.org/project/cvss/3.3/#files | NOASSERTION
+defusedxml | 0.7.1 | pypi | https://pypi.org/project/defusedxml/0.7.1/#files | NOASSERTION
+distro | 1.9.0 | pypi | https://pypi.org/project/distro/1.9.0/#files | NOASSERTION
+filetype | 1.2.0 | pypi | https://pypi.org/project/filetype/1.2.0/#files | NOASSERTION
+gsutil | 5.31 | pypi | https://pypi.org/project/gsutil/5.31/#files | NOASSERTION
+argcomplete | 3.5.1 | pypi | https://pypi.org/project/argcomplete/3.5.1/#files | NOASSERTION
+crcmod | 1.7 | pypi | https://pypi.org/project/crcmod/1.7/#files | NOASSERTION
+fasteners | 0.19 | pypi | https://pypi.org/project/fasteners/0.19/#files | NOASSERTION
+gcs-oauth2-boto-plugin | 3.2 | pypi | https://pypi.org/project/gcs-oauth2-boto-plugin/3.2/#files | NOASSERTION
+boto | 2.49.0 | pypi | https://pypi.org/project/boto/2.49.0/#files | NOASSERTION
+google-auth | 2.17.0 | pypi | https://pypi.org/project/google-auth/2.17.0/#files | NOASSERTION
+cachetools | 5.5.0 | pypi | https://pypi.org/project/cachetools/5.5.0/#files | NOASSERTION
+pyasn1-modules | 0.4.1 | pypi | https://pypi.org/project/pyasn1-modules/0.4.1/#files | NOASSERTION
+pyasn1 | 0.6.1 | pypi | https://pypi.org/project/pyasn1/0.6.1/#files | NOASSERTION
+rsa | 4.7.2 | pypi | https://pypi.org/project/rsa/4.7.2/#files | NOASSERTION
+six | 1.16.0 | pypi | https://pypi.org/project/six/1.16.0/#files | NOASSERTION
+google-auth-httplib2 | 0.2.0 | pypi | https://pypi.org/project/google-auth-httplib2/0.2.0/#files | NOASSERTION
+httplib2 | 0.20.4 | pypi | https://pypi.org/project/httplib2/0.20.4/#files | NOASSERTION
+pyparsing | 3.1.4 | pypi | https://pypi.org/project/pyparsing/3.1.4/#files | NOASSERTION
+google-reauth | 0.1.1 | pypi | https://pypi.org/project/google-reauth/0.1.1/#files | NOASSERTION
+pyu2f | 0.1.5 | pypi | https://pypi.org/project/pyu2f/0.1.5/#files | NOASSERTION
+oauth2client | 4.1.3 | pypi | https://pypi.org/project/oauth2client/4.1.3/#files | NOASSERTION
+pyopenssl | 24.2.1 | pypi | https://pypi.org/project/pyopenssl/24.2.1/#files | NOASSERTION
+cryptography | 43.0.3 | pypi | https://pypi.org/project/cryptography/43.0.3/#files | NOASSERTION
+cffi | 1.17.1 | pypi | https://pypi.org/project/cffi/1.17.1/#files | NOASSERTION
+pycparser | 2.22 | pypi | https://pypi.org/project/pycparser/2.22/#files | NOASSERTION
+retry-decorator | 1.1.1 | pypi | https://pypi.org/project/retry-decorator/1.1.1/#files | NOASSERTION
+google-apitools | 0.5.32 | pypi | https://pypi.org/project/google-apitools/0.5.32/#files | NOASSERTION
+monotonic | 1.6 | pypi | https://pypi.org/project/monotonic/1.6/#files | NOASSERTION
+importlib-metadata | 8.5.0 | pypi | https://pypi.org/project/importlib-metadata/8.5.0/#files | NOASSERTION
+zipp | 3.20.2 | pypi | https://pypi.org/project/zipp/3.20.2/#files | NOASSERTION
+importlib-resources | 6.4.5 | pypi | https://pypi.org/project/importlib-resources/6.4.5/#files | NOASSERTION
+jinja2 | 3.1.4 | pypi | https://pypi.org/project/jinja2/3.1.4/#files | NOASSERTION
+markupsafe | 2.1.5 | pypi | https://pypi.org/project/markupsafe/2.1.5/#files | NOASSERTION
+jsonschema | 4.23.0 | pypi | https://pypi.org/project/jsonschema/4.23.0/#files | NOASSERTION
+jsonschema-specifications | 2023.12.1 | pypi | https://pypi.org/project/jsonschema-specifications/2023.12.1/#files | NOASSERTION
+referencing | 0.35.1 | pypi | https://pypi.org/project/referencing/0.35.1/#files | NOASSERTION
+rpds-py | 0.20.1 | pypi | https://pypi.org/project/rpds-py/0.20.1/#files | NOASSERTION
+pkgutil-resolve-name | 1.3.10 | pypi | https://pypi.org/project/pkgutil-resolve-name/1.3.10/#files | NOASSERTION
+lib4sbom | 0.7.5 | pypi | https://pypi.org/project/lib4sbom/0.7.5/#files | NOASSERTION
+pyyaml | 6.0.2 | pypi | https://pypi.org/project/pyyaml/6.0.2/#files | NOASSERTION
+semantic-version | 2.10.0 | pypi | https://pypi.org/project/semantic-version/2.10.0/#files | NOASSERTION
+lib4vex | 0.2.0 | pypi | https://pypi.org/project/lib4vex/0.2.0/#files | NOASSERTION
+csaf-tool | 0.3.2 | pypi | https://pypi.org/project/csaf-tool/0.3.2/#files | NOASSERTION
+packageurl-python | 0.16.0 | pypi | https://pypi.org/project/packageurl-python/0.16.0/#files | NOASSERTION
+rich | 13.9.4 | pypi | https://pypi.org/project/rich/13.9.4/#files | NOASSERTION
+markdown-it-py | 3.0.0 | pypi | https://pypi.org/project/markdown-it-py/3.0.0/#files | NOASSERTION
+mdurl | 0.1.2 | pypi | https://pypi.org/project/mdurl/0.1.2/#files | NOASSERTION
+pygments | 2.18.0 | pypi | https://pypi.org/project/pygments/2.18.0/#files | NOASSERTION
+packaging | 24.2 | pypi | https://pypi.org/project/packaging/24.2/#files | NOASSERTION
+plotly | 5.24.1 | pypi | https://pypi.org/project/plotly/5.24.1/#files | NOASSERTION
+tenacity | 9.0.0 | pypi | https://pypi.org/project/tenacity/9.0.0/#files | NOASSERTION
+python-gnupg | 0.5.3 | pypi | https://pypi.org/project/python-gnupg/0.5.3/#files | NOASSERTION
+requests | 2.32.3 | pypi | https://pypi.org/project/requests/2.32.3/#files | NOASSERTION
+certifi | 2024.8.30 | pypi | https://pypi.org/project/certifi/2024.8.30/#files | NOASSERTION
+charset-normalizer | 3.4.0 | pypi | https://pypi.org/project/charset-normalizer/3.4.0/#files | NOASSERTION
+urllib3 | 2.2.3 | pypi | https://pypi.org/project/urllib3/2.2.3/#files | NOASSERTION
+rpmfile | 2.1.0 | pypi | https://pypi.org/project/rpmfile/2.1.0/#files | NOASSERTION
+setuptools | 75.3.0 | pypi | https://pypi.org/project/setuptools/75.3.0/#files | NOASSERTION
+toml | 0.10.2 | pypi | https://pypi.org/project/toml/0.10.2/#files | NOASSERTION
+xmlschema | 3.4.3 | pypi | https://pypi.org/project/xmlschema/3.4.3/#files | NOASSERTION
+elementpath | 4.6.0 | pypi | https://pypi.org/project/elementpath/4.6.0/#files | NOASSERTION
+zstandard | 0.23.0 | pypi | https://pypi.org/project/zstandard/0.23.0/#files | NOASSERTION
+
+Name | PURL | CPE
+| -------- | -------- | -------- 
+cve-bin-tool | pkg:pypi/cve-bin-tool@3.4 | cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*:*
+aiohttp | pkg:pypi/aiohttp@3.10.10 | 
+aiohappyeyeballs | pkg:pypi/aiohappyeyeballs@2.4.3 | cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.3:*:*:*:*:*:*:*
+aiosignal | pkg:pypi/aiosignal@1.3.1 | 
+frozenlist | pkg:pypi/frozenlist@1.5.0 | 
+async-timeout | pkg:pypi/async-timeout@4.0.3 | cpe:2.3:a:andrew_svetlov:async-timeout:4.0.3:*:*:*:*:*:*:*
+attrs | pkg:pypi/attrs@24.2.0 | cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:*:*:*
+multidict | pkg:pypi/multidict@6.1.0 | cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*
+typing-extensions | pkg:pypi/typing-extensions@4.12.2 | cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.12.2:*:*:*:*:*:*:*
+yarl | pkg:pypi/yarl@1.15.2 | cpe:2.3:a:andrew_svetlov:yarl:1.15.2:*:*:*:*:*:*:*
+idna | pkg:pypi/idna@3.10 | cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
+propcache | pkg:pypi/propcache@0.2.0 | cpe:2.3:a:andrew_svetlov:propcache:0.2.0:*:*:*:*:*:*:*
+beautifulsoup4 | pkg:pypi/beautifulsoup4@4.12.3 | cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*
+soupsieve | pkg:pypi/soupsieve@2.6 | cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
+cvss | pkg:pypi/cvss@3.3 | cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.3:*:*:*:*:*:*:*
+defusedxml | pkg:pypi/defusedxml@0.7.1 | cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:*:*:*:*:*
+distro | pkg:pypi/distro@1.9.0 | cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
+filetype | pkg:pypi/filetype@1.2.0 | cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:*:*:*
+gsutil | pkg:pypi/gsutil@5.31 | cpe:2.3:a:google_inc.:gsutil:5.31:*:*:*:*:*:*:*
+argcomplete | pkg:pypi/argcomplete@3.5.1 | cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.1:*:*:*:*:*:*:*
+crcmod | pkg:pypi/crcmod@1.7 | cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
+fasteners | pkg:pypi/fasteners@0.19 | cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*:*:*
+gcs-oauth2-boto-plugin | pkg:pypi/gcs-oauth2-boto-plugin@3.2 | cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2:*:*:*:*:*:*:*
+boto | pkg:pypi/boto@2.49.0 | cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:*
+google-auth | pkg:pypi/google-auth@2.17.0 | cpe:2.3:a:google_cloud_platform:google-auth:2.17.0:*:*:*:*:*:*:*
+cachetools | pkg:pypi/cachetools@5.5.0 | cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*
+pyasn1-modules | pkg:pypi/pyasn1-modules@0.4.1 | cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*
+pyasn1 | pkg:pypi/pyasn1@0.6.1 | cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*
+rsa | pkg:pypi/rsa@4.7.2 | cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*:*
+six | pkg:pypi/six@1.16.0 | cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*:*:*
+google-auth-httplib2 | pkg:pypi/google-auth-httplib2@0.2.0 | cpe:2.3:a:google_cloud_platform:google-auth-httplib2:0.2.0:*:*:*:*:*:*:*
+httplib2 | pkg:pypi/httplib2@0.20.4 | cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*:*:*
+pyparsing | pkg:pypi/pyparsing@3.1.4 | cpe:2.3:a:paul_mcguire:pyparsing:3.1.4:*:*:*:*:*:*:*
+google-reauth | pkg:pypi/google-reauth@0.1.1 | cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*:*
+pyu2f | pkg:pypi/pyu2f@0.1.5 | cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
+oauth2client | pkg:pypi/oauth2client@4.1.3 | cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*:*:*:*
+pyopenssl | pkg:pypi/pyopenssl@24.2.1 | cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.2.1:*:*:*:*:*:*:*
+cryptography | pkg:pypi/cryptography@43.0.3 | cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*
+cffi | pkg:pypi/cffi@1.17.1 | cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:*:*:*:*:*:*:*
+pycparser | pkg:pypi/pycparser@2.22 | cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:*:*:*
+retry-decorator | pkg:pypi/retry-decorator@1.1.1 | cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*:*:*:*:*
+google-apitools | pkg:pypi/google-apitools@0.5.32 | cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*:*:*:*:*:*
+monotonic | pkg:pypi/monotonic@1.6 | cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
+importlib-metadata | pkg:pypi/importlib-metadata@8.5.0 | cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*
+zipp | pkg:pypi/zipp@3.20.2 | cpe:2.3:a:jason_r.:zipp:3.20.2:*:*:*:*:*:*:*
+importlib-resources | pkg:pypi/importlib-resources@6.4.5 | cpe:2.3:a:barry_warsaw:importlib-resources:6.4.5:*:*:*:*:*:*:*
+jinja2 | pkg:pypi/jinja2@3.1.4 | 
+markupsafe | pkg:pypi/markupsafe@2.1.5 | 
+jsonschema | pkg:pypi/jsonschema@4.23.0 | cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:*:*:*:*
+jsonschema-specifications | pkg:pypi/jsonschema-specifications@2023.12.1 | cpe:2.3:a:julian_berman:jsonschema-specifications:2023.12.1:*:*:*:*:*:*:*
+referencing | pkg:pypi/referencing@0.35.1 | cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*:*:*:*:*
+rpds-py | pkg:pypi/rpds-py@0.20.1 | cpe:2.3:a:julian_berman:rpds-py:0.20.1:*:*:*:*:*:*:*
+pkgutil-resolve-name | pkg:pypi/pkgutil-resolve-name@1.3.10 | cpe:2.3:a:vinay_sajip:pkgutil-resolve-name:1.3.10:*:*:*:*:*:*:*
+lib4sbom | pkg:pypi/lib4sbom@0.7.5 | cpe:2.3:a:anthony_harrison:lib4sbom:0.7.5:*:*:*:*:*:*:*
+pyyaml | pkg:pypi/pyyaml@6.0.2 | cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*:*:*
+semantic-version | pkg:pypi/semantic-version@2.10.0 | cpe:2.3:a:raphael_barrois:semantic-version:2.10.0:*:*:*:*:*:*:*
+lib4vex | pkg:pypi/lib4vex@0.2.0 | cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*
+csaf-tool | pkg:pypi/csaf-tool@0.3.2 | cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:*:*:*:*:*
+packageurl-python | pkg:pypi/packageurl-python@0.16.0 | cpe:2.3:a:the_purl_authors:packageurl-python:0.16.0:*:*:*:*:*:*:*
+rich | pkg:pypi/rich@13.9.4 | cpe:2.3:a:will_mcgugan:rich:13.9.4:*:*:*:*:*:*:*
+markdown-it-py | pkg:pypi/markdown-it-py@3.0.0 | cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:*:*:*:*:*
+mdurl | pkg:pypi/mdurl@0.1.2 | cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:*:*
+pygments | pkg:pypi/pygments@2.18.0 | cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*:*:*
+packaging | pkg:pypi/packaging@24.2 | cpe:2.3:a:donald_stufft:packaging:24.2:*:*:*:*:*:*:*
+plotly | pkg:pypi/plotly@5.24.1 | cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
+tenacity | pkg:pypi/tenacity@9.0.0 | cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*
+python-gnupg | pkg:pypi/python-gnupg@0.5.3 | cpe:2.3:a:vinay_sajip:python-gnupg:0.5.3:*:*:*:*:*:*:*
+requests | pkg:pypi/requests@2.32.3 | cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*:*:*:*
+certifi | pkg:pypi/certifi@2024.8.30 | cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*:*:*:*:*
+charset-normalizer | pkg:pypi/charset-normalizer@3.4.0 | cpe:2.3:a:ahmed_tahri:charset-normalizer:3.4.0:*:*:*:*:*:*:*
+urllib3 | pkg:pypi/urllib3@2.2.3 | cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*
+rpmfile | pkg:pypi/rpmfile@2.1.0 | cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
+setuptools | pkg:pypi/setuptools@75.3.0 | cpe:2.3:a:python_packaging_authority:setuptools:75.3.0:*:*:*:*:*:*:*
+toml | pkg:pypi/toml@0.10.2 | cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:*:*
+xmlschema | pkg:pypi/xmlschema@3.4.3 | cpe:2.3:a:davide_brunato:xmlschema:3.4.3:*:*:*:*:*:*:*
+elementpath | pkg:pypi/elementpath@4.6.0 | cpe:2.3:a:davide_brunato:elementpath:4.6.0:*:*:*:*:*:*:*
+zstandard | pkg:pypi/zstandard@0.23.0 | cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*:*:*:*
+
+# Component Type Summary
+
+Type | Count
+| -------- | -------- 
+APPLICATION | 1
+LIBRARY | 76
+
+# License Summary
+
+License | Count
+| -------- | -------- 
+Apache-2.0 | 25
+Apache-2.0 OR BSD-3-Clause | 1
+BSD-2-Clause | 2
+BSD-3-Clause | 6
+GPL-3.0-or-later | 1
+LGPL-3.0-or-later | 1
+MIT | 22
+MPL-2.0 | 1
+NOASSERTION | 16
+PSF-2.0 | 2
+
+# Supplier Summary
+
+Supplier | Count
+| -------- | -------- 
+Ahmed TAHRI (tahri.ahmed@proton.me) | 1
+Andrew Svetlov (andrew.svetlov@gmail.com) | 4
+Andrey Kislyuk (kislyuk@gmail.com) | 1
+Andrey Petrov (andrey.petrov@shazow.net) | 1
+Anthony Harrison (anthony.p.harrison@gmail.com) | 3
+Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | 1
+Barry Warsaw (barry@python.org) | 1
+Benjamin Peterson (benjamin@python.org) | 1
+Chris P (chris@plot.ly) | 1
+Chris Sewell (chrisj_sewell@hotmail.com) | 1
+Christian Heimes (christian@python.org) | 1
+Craig Citro (craigcitro@google.com) | 1
+Davide Brunato (brunato@sissa.it) | 2
+Donald Stufft (donald@stufft.io) | 1
+Eli Bendersky (eliben@gmail.com) | 1
+Georg Brandl (georg@python.org) | 1
+Google (googleapis-publisher@google.com) | 1
+Google Cloud Platform (googleapis-packages@google.com) | 2
+Google Inc. (buganizer-system+187143@google.com) | 1
+Google Inc. (gs-team@google.com) | 1
+Google Inc. (jonwayne+oauth2client@google.com) | 1
+Google Inc. (pyu2f-team@google.com) | 1
+Gregory Szorc (gregory.szorc@gmail.com) | 1
+Guido van Jukka ukasz Michael (levkivskyi@gmail.com) | 1
+Hynek Schlawack (hs@ox.cx) | 1
+Ilya Etingof (etingof@gmail.com) | 2
+Isaac Muse (Isaac.Muse@gmail.com) | 1
+J. Nick Koston (nick@koston.org) | 1
+Jason R. (jaraco@jaraco.com) | 2
+Joe Gregorio (joe@bitworking.org) | 1
+Joshua Harlow | 1
+Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | 1
+Julian Berman (Julian+jsonschema@GrayVines.com) | 1
+Julian Berman (Julian+referencing@GrayVines.com) | 1
+Julian Berman (Julian+rpds@GrayVines.com) | 1
+Julien Danjou (julien@danjou.info) | 1
+Kenneth Reitz (me@kennethreitz.com) | 1
+Kenneth Reitz (me@kennethreitz.org) | 1
+Kim Davies (kim+pypi@gumleaf.org) | 1
+Kirill Simonov (xi@resolvent.net) | 1
+Leonard Richardson (leonardr@segfault.org) | 1
+Mitch Garnaat (mitch@garnaat.com) | 1
+NOASSERTION | 5
+Nir Cohen (nir36g@gmail.com) | 1
+Ori Livneh (ori@wikimedia.org) | 1
+Patrick Ng (pn.appdev@gmail.com) | 1
+Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | 1
+Python Packaging Authority (distutils-sig@python.org) | 1
+Raphael Barrois (raphael.barrois+semver@polytechnique.org) | 1
+Ray Buvel (rlbuvel@gmail.com) | 1
+Sean Ross (srossross@gmail.com) | 1
+Stanislav Red Hat Product Security (skontar@redhat.com) | 1
+Sybren A. Stuvel (sybren@stuvel.eu) | 1
+Taneli Hukkinen (hukkin@users.noreply.github.com) | 1
+Terri Oda (terri.oda@intel.com) | 1
+The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | 1
+The pyOpenSSL developers (cryptography-dev@python.org) | 1
+Thomas Kemmer (tkemmer@computer.org) | 1
+Tomas Aparicio (tomas@aparicio.me) | 1
+Vinay Sajip (vinay_sajip@yahoo.co.uk) | 2
+Will McGugan (willmcgugan@gmail.com) | 1
+William Pearson (uiri@xqz.ca) | 1
+the purl authors | 1
+
+# NTIA Summary
+
+Element | Status
+| -------- | -------- 
+All file information provided? | True
+All package information provided? | False
+Creator identified? | True
+Creation time identified? | True
+Dependency relationships provided? | True
+NTIA conformant False
diff --git a/sbom/sboms_for_humans/cve-bin-tool-py3.9.md b/sbom/sboms_for_humans/cve-bin-tool-py3.9.md
new file mode 100644
index 0000000000..d92cad5a79
--- /dev/null
+++ b/sbom/sboms_for_humans/cve-bin-tool-py3.9.md
@@ -0,0 +1,352 @@
+
+# SBOM Summary
+
+Item | Details
+| -------- | -------- 
+SBOM File | cve-bin-tool-py3.9.spdx
+SBOM Type | spdx
+Version | SPDX-2.3
+Name | Python-cve-bin-tool
+Creator | Tool:sbom4python-0.11.3
+Created | 2024-11-11T00:37:24Z
+Files | 0
+Packages | 75
+Relationships | 114
+Services | 0
+Vulnerabilities | 0
+
+# Package Summary
+
+Name | Version | Type | Supplier | License
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | APPLICATION | Terri Oda (terri.oda@intel.com) | GPL-3.0-or-later
+aiohttp | 3.10.10 | LIBRARY | NOASSERTION | Apache-2.0
+aiohappyeyeballs | 2.4.3 | LIBRARY | J. Nick Koston (nick@koston.org) | PSF-2.0
+aiosignal | 1.3.1 | LIBRARY | NOASSERTION | Apache-2.0
+frozenlist | 1.5.0 | LIBRARY | NOASSERTION | Apache-2.0
+async-timeout | 4.0.3 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+attrs | 24.2.0 | LIBRARY | Hynek Schlawack (hs@ox.cx) | NOASSERTION
+multidict | 6.1.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+typing-extensions | 4.12.2 | LIBRARY | Guido van Jukka ukasz Michael (levkivskyi@gmail.com) | NOASSERTION
+yarl | 1.17.1 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+idna | 3.10 | LIBRARY | Kim Davies (kim+pypi@gumleaf.org) | NOASSERTION
+propcache | 0.2.0 | LIBRARY | Andrew Svetlov (andrew.svetlov@gmail.com) | Apache-2.0
+beautifulsoup4 | 4.12.3 | LIBRARY | Leonard Richardson (leonardr@segfault.org) | MIT
+soupsieve | 2.6 | LIBRARY | Isaac Muse (Isaac.Muse@gmail.com) | NOASSERTION
+cvss | 3.3 | LIBRARY | Stanislav Red Hat Product Security (skontar@redhat.com) | LGPL-3.0-or-later
+defusedxml | 0.7.1 | LIBRARY | Christian Heimes (christian@python.org) | PSF-2.0
+distro | 1.9.0 | LIBRARY | Nir Cohen (nir36g@gmail.com) | Apache-2.0
+filetype | 1.2.0 | LIBRARY | Tomas Aparicio (tomas@aparicio.me) | MIT
+gsutil | 5.31 | LIBRARY | Google Inc. (buganizer-system+187143@google.com) | Apache-2.0
+argcomplete | 3.5.1 | LIBRARY | Andrey Kislyuk (kislyuk@gmail.com) | Apache-2.0
+crcmod | 1.7 | LIBRARY | Ray Buvel (rlbuvel@gmail.com) | MIT
+fasteners | 0.19 | LIBRARY | Joshua Harlow | Apache-2.0
+gcs-oauth2-boto-plugin | 3.2 | LIBRARY | Google Inc. (gs-team@google.com) | Apache-2.0
+boto | 2.49.0 | LIBRARY | Mitch Garnaat (mitch@garnaat.com) | MIT
+google-auth | 2.17.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+cachetools | 5.5.0 | LIBRARY | Thomas Kemmer (tkemmer@computer.org) | MIT
+pyasn1-modules | 0.4.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-3-Clause
+pyasn1 | 0.6.1 | LIBRARY | Ilya Etingof (etingof@gmail.com) | BSD-2-Clause
+rsa | 4.7.2 | LIBRARY | Sybren A. Stuvel (sybren@stuvel.eu) | Apache-2.0
+six | 1.16.0 | LIBRARY | Benjamin Peterson (benjamin@python.org) | MIT
+google-auth-httplib2 | 0.2.0 | LIBRARY | Google Cloud Platform (googleapis-packages@google.com) | Apache-2.0
+httplib2 | 0.20.4 | LIBRARY | Joe Gregorio (joe@bitworking.org) | MIT
+pyparsing | 3.2.0 | LIBRARY | Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | NOASSERTION
+google-reauth | 0.1.1 | LIBRARY | Google (googleapis-publisher@google.com) | Apache-2.0
+pyu2f | 0.1.5 | LIBRARY | Google Inc. (pyu2f-team@google.com) | Apache-2.0
+oauth2client | 4.1.3 | LIBRARY | Google Inc. (jonwayne+oauth2client@google.com) | Apache-2.0
+pyopenssl | 24.2.1 | LIBRARY | The pyOpenSSL developers (cryptography-dev@python.org) | Apache-2.0
+cryptography | 43.0.3 | LIBRARY | The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | Apache-2.0 OR BSD-3-Clause
+cffi | 1.17.1 | LIBRARY | Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | MIT
+pycparser | 2.22 | LIBRARY | Eli Bendersky (eliben@gmail.com) | BSD-3-Clause
+retry-decorator | 1.1.1 | LIBRARY | Patrick Ng (pn.appdev@gmail.com) | MIT
+google-apitools | 0.5.32 | LIBRARY | Craig Citro (craigcitro@google.com) | Apache-2.0
+monotonic | 1.6 | LIBRARY | Ori Livneh (ori@wikimedia.org) | Apache-2.0
+importlib-metadata | 8.5.0 | LIBRARY | Jason R. (jaraco@jaraco.com) | NOASSERTION
+zipp | 3.21.0 | LIBRARY | Jason R. (jaraco@jaraco.com) | NOASSERTION
+jinja2 | 3.1.4 | LIBRARY | NOASSERTION | NOASSERTION
+markupsafe | 3.0.2 | LIBRARY | NOASSERTION | NOASSERTION
+jsonschema | 4.23.0 | LIBRARY | Julian Berman (Julian+jsonschema@GrayVines.com) | MIT
+jsonschema-specifications | 2024.10.1 | LIBRARY | Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | NOASSERTION
+referencing | 0.35.1 | LIBRARY | Julian Berman (Julian+referencing@GrayVines.com) | NOASSERTION
+rpds-py | 0.21.0 | LIBRARY | Julian Berman (Julian+rpds@GrayVines.com) | NOASSERTION
+lib4sbom | 0.7.5 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+pyyaml | 6.0.2 | LIBRARY | Kirill Simonov (xi@resolvent.net) | MIT
+semantic-version | 2.10.0 | LIBRARY | Raphael Barrois (raphael.barrois+semver@polytechnique.org) | BSD-3-Clause
+lib4vex | 0.2.0 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | Apache-2.0
+csaf-tool | 0.3.2 | LIBRARY | Anthony Harrison (anthony.p.harrison@gmail.com) | MIT
+packageurl-python | 0.16.0 | LIBRARY | the purl authors | MIT
+rich | 13.9.4 | LIBRARY | Will McGugan (willmcgugan@gmail.com) | MIT
+markdown-it-py | 3.0.0 | LIBRARY | Chris Sewell (chrisj_sewell@hotmail.com) | NOASSERTION
+mdurl | 0.1.2 | LIBRARY | Taneli Hukkinen (hukkin@users.noreply.github.com) | NOASSERTION
+pygments | 2.18.0 | LIBRARY | Georg Brandl (georg@python.org) | BSD-2-Clause
+packaging | 24.2 | LIBRARY | Donald Stufft (donald@stufft.io) | NOASSERTION
+plotly | 5.24.1 | LIBRARY | Chris P (chris@plot.ly) | MIT
+tenacity | 9.0.0 | LIBRARY | Julien Danjou (julien@danjou.info) | Apache-2.0
+python-gnupg | 0.5.3 | LIBRARY | Vinay Sajip (vinay_sajip@yahoo.co.uk) | BSD-3-Clause
+requests | 2.32.3 | LIBRARY | Kenneth Reitz (me@kennethreitz.org) | Apache-2.0
+certifi | 2024.8.30 | LIBRARY | Kenneth Reitz (me@kennethreitz.com) | MPL-2.0
+charset-normalizer | 3.4.0 | LIBRARY | Ahmed TAHRI (tahri.ahmed@proton.me) | MIT
+urllib3 | 2.2.3 | LIBRARY | Andrey Petrov (andrey.petrov@shazow.net) | NOASSERTION
+rpmfile | 2.1.0 | LIBRARY | Sean Ross (srossross@gmail.com) | MIT
+setuptools | 75.3.0 | LIBRARY | Python Packaging Authority (distutils-sig@python.org) | NOASSERTION
+toml | 0.10.2 | LIBRARY | William Pearson (uiri@xqz.ca) | MIT
+xmlschema | 3.4.3 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+elementpath | 4.6.0 | LIBRARY | Davide Brunato (brunato@sissa.it) | MIT
+zstandard | 0.23.0 | LIBRARY | Gregory Szorc (gregory.szorc@gmail.com) | BSD-3-Clause
+
+Name | Version | Ecosystem | Download | Copyright
+| -------- | -------- | -------- | -------- | -------- 
+cve-bin-tool | 3.4 | pypi | https://pypi.org/project/cve-bin-tool/3.4/#files | NOASSERTION
+aiohttp | 3.10.10 | pypi | https://pypi.org/project/aiohttp/3.10.10/#files | NOASSERTION
+aiohappyeyeballs | 2.4.3 | pypi | https://pypi.org/project/aiohappyeyeballs/2.4.3/#files | NOASSERTION
+aiosignal | 1.3.1 | pypi | https://pypi.org/project/aiosignal/1.3.1/#files | NOASSERTION
+frozenlist | 1.5.0 | pypi | https://pypi.org/project/frozenlist/1.5.0/#files | NOASSERTION
+async-timeout | 4.0.3 | pypi | https://pypi.org/project/async-timeout/4.0.3/#files | NOASSERTION
+attrs | 24.2.0 | pypi | https://pypi.org/project/attrs/24.2.0/#files | NOASSERTION
+multidict | 6.1.0 | pypi | https://pypi.org/project/multidict/6.1.0/#files | NOASSERTION
+typing-extensions | 4.12.2 | pypi | https://pypi.org/project/typing-extensions/4.12.2/#files | NOASSERTION
+yarl | 1.17.1 | pypi | https://pypi.org/project/yarl/1.17.1/#files | NOASSERTION
+idna | 3.10 | pypi | https://pypi.org/project/idna/3.10/#files | NOASSERTION
+propcache | 0.2.0 | pypi | https://pypi.org/project/propcache/0.2.0/#files | NOASSERTION
+beautifulsoup4 | 4.12.3 | pypi | https://pypi.org/project/beautifulsoup4/4.12.3/#files | NOASSERTION
+soupsieve | 2.6 | pypi | https://pypi.org/project/soupsieve/2.6/#files | NOASSERTION
+cvss | 3.3 | pypi | https://pypi.org/project/cvss/3.3/#files | NOASSERTION
+defusedxml | 0.7.1 | pypi | https://pypi.org/project/defusedxml/0.7.1/#files | NOASSERTION
+distro | 1.9.0 | pypi | https://pypi.org/project/distro/1.9.0/#files | NOASSERTION
+filetype | 1.2.0 | pypi | https://pypi.org/project/filetype/1.2.0/#files | NOASSERTION
+gsutil | 5.31 | pypi | https://pypi.org/project/gsutil/5.31/#files | NOASSERTION
+argcomplete | 3.5.1 | pypi | https://pypi.org/project/argcomplete/3.5.1/#files | NOASSERTION
+crcmod | 1.7 | pypi | https://pypi.org/project/crcmod/1.7/#files | NOASSERTION
+fasteners | 0.19 | pypi | https://pypi.org/project/fasteners/0.19/#files | NOASSERTION
+gcs-oauth2-boto-plugin | 3.2 | pypi | https://pypi.org/project/gcs-oauth2-boto-plugin/3.2/#files | NOASSERTION
+boto | 2.49.0 | pypi | https://pypi.org/project/boto/2.49.0/#files | NOASSERTION
+google-auth | 2.17.0 | pypi | https://pypi.org/project/google-auth/2.17.0/#files | NOASSERTION
+cachetools | 5.5.0 | pypi | https://pypi.org/project/cachetools/5.5.0/#files | NOASSERTION
+pyasn1-modules | 0.4.1 | pypi | https://pypi.org/project/pyasn1-modules/0.4.1/#files | NOASSERTION
+pyasn1 | 0.6.1 | pypi | https://pypi.org/project/pyasn1/0.6.1/#files | NOASSERTION
+rsa | 4.7.2 | pypi | https://pypi.org/project/rsa/4.7.2/#files | NOASSERTION
+six | 1.16.0 | pypi | https://pypi.org/project/six/1.16.0/#files | NOASSERTION
+google-auth-httplib2 | 0.2.0 | pypi | https://pypi.org/project/google-auth-httplib2/0.2.0/#files | NOASSERTION
+httplib2 | 0.20.4 | pypi | https://pypi.org/project/httplib2/0.20.4/#files | NOASSERTION
+pyparsing | 3.2.0 | pypi | https://pypi.org/project/pyparsing/3.2.0/#files | NOASSERTION
+google-reauth | 0.1.1 | pypi | https://pypi.org/project/google-reauth/0.1.1/#files | NOASSERTION
+pyu2f | 0.1.5 | pypi | https://pypi.org/project/pyu2f/0.1.5/#files | NOASSERTION
+oauth2client | 4.1.3 | pypi | https://pypi.org/project/oauth2client/4.1.3/#files | NOASSERTION
+pyopenssl | 24.2.1 | pypi | https://pypi.org/project/pyopenssl/24.2.1/#files | NOASSERTION
+cryptography | 43.0.3 | pypi | https://pypi.org/project/cryptography/43.0.3/#files | NOASSERTION
+cffi | 1.17.1 | pypi | https://pypi.org/project/cffi/1.17.1/#files | NOASSERTION
+pycparser | 2.22 | pypi | https://pypi.org/project/pycparser/2.22/#files | NOASSERTION
+retry-decorator | 1.1.1 | pypi | https://pypi.org/project/retry-decorator/1.1.1/#files | NOASSERTION
+google-apitools | 0.5.32 | pypi | https://pypi.org/project/google-apitools/0.5.32/#files | NOASSERTION
+monotonic | 1.6 | pypi | https://pypi.org/project/monotonic/1.6/#files | NOASSERTION
+importlib-metadata | 8.5.0 | pypi | https://pypi.org/project/importlib-metadata/8.5.0/#files | NOASSERTION
+zipp | 3.21.0 | pypi | https://pypi.org/project/zipp/3.21.0/#files | NOASSERTION
+jinja2 | 3.1.4 | pypi | https://pypi.org/project/jinja2/3.1.4/#files | NOASSERTION
+markupsafe | 3.0.2 | pypi | https://pypi.org/project/markupsafe/3.0.2/#files | NOASSERTION
+jsonschema | 4.23.0 | pypi | https://pypi.org/project/jsonschema/4.23.0/#files | NOASSERTION
+jsonschema-specifications | 2024.10.1 | pypi | https://pypi.org/project/jsonschema-specifications/2024.10.1/#files | NOASSERTION
+referencing | 0.35.1 | pypi | https://pypi.org/project/referencing/0.35.1/#files | NOASSERTION
+rpds-py | 0.21.0 | pypi | https://pypi.org/project/rpds-py/0.21.0/#files | NOASSERTION
+lib4sbom | 0.7.5 | pypi | https://pypi.org/project/lib4sbom/0.7.5/#files | NOASSERTION
+pyyaml | 6.0.2 | pypi | https://pypi.org/project/pyyaml/6.0.2/#files | NOASSERTION
+semantic-version | 2.10.0 | pypi | https://pypi.org/project/semantic-version/2.10.0/#files | NOASSERTION
+lib4vex | 0.2.0 | pypi | https://pypi.org/project/lib4vex/0.2.0/#files | NOASSERTION
+csaf-tool | 0.3.2 | pypi | https://pypi.org/project/csaf-tool/0.3.2/#files | NOASSERTION
+packageurl-python | 0.16.0 | pypi | https://pypi.org/project/packageurl-python/0.16.0/#files | NOASSERTION
+rich | 13.9.4 | pypi | https://pypi.org/project/rich/13.9.4/#files | NOASSERTION
+markdown-it-py | 3.0.0 | pypi | https://pypi.org/project/markdown-it-py/3.0.0/#files | NOASSERTION
+mdurl | 0.1.2 | pypi | https://pypi.org/project/mdurl/0.1.2/#files | NOASSERTION
+pygments | 2.18.0 | pypi | https://pypi.org/project/pygments/2.18.0/#files | NOASSERTION
+packaging | 24.2 | pypi | https://pypi.org/project/packaging/24.2/#files | NOASSERTION
+plotly | 5.24.1 | pypi | https://pypi.org/project/plotly/5.24.1/#files | NOASSERTION
+tenacity | 9.0.0 | pypi | https://pypi.org/project/tenacity/9.0.0/#files | NOASSERTION
+python-gnupg | 0.5.3 | pypi | https://pypi.org/project/python-gnupg/0.5.3/#files | NOASSERTION
+requests | 2.32.3 | pypi | https://pypi.org/project/requests/2.32.3/#files | NOASSERTION
+certifi | 2024.8.30 | pypi | https://pypi.org/project/certifi/2024.8.30/#files | NOASSERTION
+charset-normalizer | 3.4.0 | pypi | https://pypi.org/project/charset-normalizer/3.4.0/#files | NOASSERTION
+urllib3 | 2.2.3 | pypi | https://pypi.org/project/urllib3/2.2.3/#files | NOASSERTION
+rpmfile | 2.1.0 | pypi | https://pypi.org/project/rpmfile/2.1.0/#files | NOASSERTION
+setuptools | 75.3.0 | pypi | https://pypi.org/project/setuptools/75.3.0/#files | NOASSERTION
+toml | 0.10.2 | pypi | https://pypi.org/project/toml/0.10.2/#files | NOASSERTION
+xmlschema | 3.4.3 | pypi | https://pypi.org/project/xmlschema/3.4.3/#files | NOASSERTION
+elementpath | 4.6.0 | pypi | https://pypi.org/project/elementpath/4.6.0/#files | NOASSERTION
+zstandard | 0.23.0 | pypi | https://pypi.org/project/zstandard/0.23.0/#files | NOASSERTION
+
+Name | PURL | CPE
+| -------- | -------- | -------- 
+cve-bin-tool | pkg:pypi/cve-bin-tool@3.4 | cpe:2.3:a:terri_oda:cve-bin-tool:3.4:*:*:*:*:*:*:*
+aiohttp | pkg:pypi/aiohttp@3.10.10 | 
+aiohappyeyeballs | pkg:pypi/aiohappyeyeballs@2.4.3 | cpe:2.3:a:j._nick_koston:aiohappyeyeballs:2.4.3:*:*:*:*:*:*:*
+aiosignal | pkg:pypi/aiosignal@1.3.1 | 
+frozenlist | pkg:pypi/frozenlist@1.5.0 | 
+async-timeout | pkg:pypi/async-timeout@4.0.3 | cpe:2.3:a:andrew_svetlov:async-timeout:4.0.3:*:*:*:*:*:*:*
+attrs | pkg:pypi/attrs@24.2.0 | cpe:2.3:a:hynek_schlawack:attrs:24.2.0:*:*:*:*:*:*:*
+multidict | pkg:pypi/multidict@6.1.0 | cpe:2.3:a:andrew_svetlov:multidict:6.1.0:*:*:*:*:*:*:*
+typing-extensions | pkg:pypi/typing-extensions@4.12.2 | cpe:2.3:a:guido_van_jukka_ukasz_michael:typing-extensions:4.12.2:*:*:*:*:*:*:*
+yarl | pkg:pypi/yarl@1.17.1 | cpe:2.3:a:andrew_svetlov:yarl:1.17.1:*:*:*:*:*:*:*
+idna | pkg:pypi/idna@3.10 | cpe:2.3:a:kim_davies:idna:3.10:*:*:*:*:*:*:*
+propcache | pkg:pypi/propcache@0.2.0 | cpe:2.3:a:andrew_svetlov:propcache:0.2.0:*:*:*:*:*:*:*
+beautifulsoup4 | pkg:pypi/beautifulsoup4@4.12.3 | cpe:2.3:a:leonard_richardson:beautifulsoup4:4.12.3:*:*:*:*:*:*:*
+soupsieve | pkg:pypi/soupsieve@2.6 | cpe:2.3:a:isaac_muse:soupsieve:2.6:*:*:*:*:*:*:*
+cvss | pkg:pypi/cvss@3.3 | cpe:2.3:a:stanislav_red_hat_product_security:cvss:3.3:*:*:*:*:*:*:*
+defusedxml | pkg:pypi/defusedxml@0.7.1 | cpe:2.3:a:christian_heimes:defusedxml:0.7.1:*:*:*:*:*:*:*
+distro | pkg:pypi/distro@1.9.0 | cpe:2.3:a:nir_cohen:distro:1.9.0:*:*:*:*:*:*:*
+filetype | pkg:pypi/filetype@1.2.0 | cpe:2.3:a:tomas_aparicio:filetype:1.2.0:*:*:*:*:*:*:*
+gsutil | pkg:pypi/gsutil@5.31 | cpe:2.3:a:google_inc.:gsutil:5.31:*:*:*:*:*:*:*
+argcomplete | pkg:pypi/argcomplete@3.5.1 | cpe:2.3:a:andrey_kislyuk:argcomplete:3.5.1:*:*:*:*:*:*:*
+crcmod | pkg:pypi/crcmod@1.7 | cpe:2.3:a:ray_buvel:crcmod:1.7:*:*:*:*:*:*:*
+fasteners | pkg:pypi/fasteners@0.19 | cpe:2.3:a:joshua_harlow:fasteners:0.19:*:*:*:*:*:*:*
+gcs-oauth2-boto-plugin | pkg:pypi/gcs-oauth2-boto-plugin@3.2 | cpe:2.3:a:google_inc.:gcs-oauth2-boto-plugin:3.2:*:*:*:*:*:*:*
+boto | pkg:pypi/boto@2.49.0 | cpe:2.3:a:mitch_garnaat:boto:2.49.0:*:*:*:*:*:*:*
+google-auth | pkg:pypi/google-auth@2.17.0 | cpe:2.3:a:google_cloud_platform:google-auth:2.17.0:*:*:*:*:*:*:*
+cachetools | pkg:pypi/cachetools@5.5.0 | cpe:2.3:a:thomas_kemmer:cachetools:5.5.0:*:*:*:*:*:*:*
+pyasn1-modules | pkg:pypi/pyasn1-modules@0.4.1 | cpe:2.3:a:ilya_etingof:pyasn1-modules:0.4.1:*:*:*:*:*:*:*
+pyasn1 | pkg:pypi/pyasn1@0.6.1 | cpe:2.3:a:ilya_etingof:pyasn1:0.6.1:*:*:*:*:*:*:*
+rsa | pkg:pypi/rsa@4.7.2 | cpe:2.3:a:sybren_a._stuvel:rsa:4.7.2:*:*:*:*:*:*:*
+six | pkg:pypi/six@1.16.0 | cpe:2.3:a:benjamin_peterson:six:1.16.0:*:*:*:*:*:*:*
+google-auth-httplib2 | pkg:pypi/google-auth-httplib2@0.2.0 | cpe:2.3:a:google_cloud_platform:google-auth-httplib2:0.2.0:*:*:*:*:*:*:*
+httplib2 | pkg:pypi/httplib2@0.20.4 | cpe:2.3:a:joe_gregorio:httplib2:0.20.4:*:*:*:*:*:*:*
+pyparsing | pkg:pypi/pyparsing@3.2.0 | cpe:2.3:a:paul_mcguire:pyparsing:3.2.0:*:*:*:*:*:*:*
+google-reauth | pkg:pypi/google-reauth@0.1.1 | cpe:2.3:a:google:google-reauth:0.1.1:*:*:*:*:*:*:*
+pyu2f | pkg:pypi/pyu2f@0.1.5 | cpe:2.3:a:google_inc.:pyu2f:0.1.5:*:*:*:*:*:*:*
+oauth2client | pkg:pypi/oauth2client@4.1.3 | cpe:2.3:a:google_inc.:oauth2client:4.1.3:*:*:*:*:*:*:*
+pyopenssl | pkg:pypi/pyopenssl@24.2.1 | cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.2.1:*:*:*:*:*:*:*
+cryptography | pkg:pypi/cryptography@43.0.3 | cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*
+cffi | pkg:pypi/cffi@1.17.1 | cpe:2.3:a:armin_maciej_fijalkowski:cffi:1.17.1:*:*:*:*:*:*:*
+pycparser | pkg:pypi/pycparser@2.22 | cpe:2.3:a:eli_bendersky:pycparser:2.22:*:*:*:*:*:*:*
+retry-decorator | pkg:pypi/retry-decorator@1.1.1 | cpe:2.3:a:patrick_ng:retry-decorator:1.1.1:*:*:*:*:*:*:*
+google-apitools | pkg:pypi/google-apitools@0.5.32 | cpe:2.3:a:craig_citro:google-apitools:0.5.32:*:*:*:*:*:*:*
+monotonic | pkg:pypi/monotonic@1.6 | cpe:2.3:a:ori_livneh:monotonic:1.6:*:*:*:*:*:*:*
+importlib-metadata | pkg:pypi/importlib-metadata@8.5.0 | cpe:2.3:a:jason_r.:importlib-metadata:8.5.0:*:*:*:*:*:*:*
+zipp | pkg:pypi/zipp@3.21.0 | cpe:2.3:a:jason_r.:zipp:3.21.0:*:*:*:*:*:*:*
+jinja2 | pkg:pypi/jinja2@3.1.4 | 
+markupsafe | pkg:pypi/markupsafe@3.0.2 | 
+jsonschema | pkg:pypi/jsonschema@4.23.0 | cpe:2.3:a:julian_berman:jsonschema:4.23.0:*:*:*:*:*:*:*
+jsonschema-specifications | pkg:pypi/jsonschema-specifications@2024.10.1 | cpe:2.3:a:julian_berman:jsonschema-specifications:2024.10.1:*:*:*:*:*:*:*
+referencing | pkg:pypi/referencing@0.35.1 | cpe:2.3:a:julian_berman:referencing:0.35.1:*:*:*:*:*:*:*
+rpds-py | pkg:pypi/rpds-py@0.21.0 | cpe:2.3:a:julian_berman:rpds-py:0.21.0:*:*:*:*:*:*:*
+lib4sbom | pkg:pypi/lib4sbom@0.7.5 | cpe:2.3:a:anthony_harrison:lib4sbom:0.7.5:*:*:*:*:*:*:*
+pyyaml | pkg:pypi/pyyaml@6.0.2 | cpe:2.3:a:kirill_simonov:pyyaml:6.0.2:*:*:*:*:*:*:*
+semantic-version | pkg:pypi/semantic-version@2.10.0 | cpe:2.3:a:raphael_barrois:semantic-version:2.10.0:*:*:*:*:*:*:*
+lib4vex | pkg:pypi/lib4vex@0.2.0 | cpe:2.3:a:anthony_harrison:lib4vex:0.2.0:*:*:*:*:*:*:*
+csaf-tool | pkg:pypi/csaf-tool@0.3.2 | cpe:2.3:a:anthony_harrison:csaf-tool:0.3.2:*:*:*:*:*:*:*
+packageurl-python | pkg:pypi/packageurl-python@0.16.0 | cpe:2.3:a:the_purl_authors:packageurl-python:0.16.0:*:*:*:*:*:*:*
+rich | pkg:pypi/rich@13.9.4 | cpe:2.3:a:will_mcgugan:rich:13.9.4:*:*:*:*:*:*:*
+markdown-it-py | pkg:pypi/markdown-it-py@3.0.0 | cpe:2.3:a:chris_sewell:markdown-it-py:3.0.0:*:*:*:*:*:*:*
+mdurl | pkg:pypi/mdurl@0.1.2 | cpe:2.3:a:taneli_hukkinen:mdurl:0.1.2:*:*:*:*:*:*:*
+pygments | pkg:pypi/pygments@2.18.0 | cpe:2.3:a:georg_brandl:pygments:2.18.0:*:*:*:*:*:*:*
+packaging | pkg:pypi/packaging@24.2 | cpe:2.3:a:donald_stufft:packaging:24.2:*:*:*:*:*:*:*
+plotly | pkg:pypi/plotly@5.24.1 | cpe:2.3:a:chris_p:plotly:5.24.1:*:*:*:*:*:*:*
+tenacity | pkg:pypi/tenacity@9.0.0 | cpe:2.3:a:julien_danjou:tenacity:9.0.0:*:*:*:*:*:*:*
+python-gnupg | pkg:pypi/python-gnupg@0.5.3 | cpe:2.3:a:vinay_sajip:python-gnupg:0.5.3:*:*:*:*:*:*:*
+requests | pkg:pypi/requests@2.32.3 | cpe:2.3:a:kenneth_reitz:requests:2.32.3:*:*:*:*:*:*:*
+certifi | pkg:pypi/certifi@2024.8.30 | cpe:2.3:a:kenneth_reitz:certifi:2024.8.30:*:*:*:*:*:*:*
+charset-normalizer | pkg:pypi/charset-normalizer@3.4.0 | cpe:2.3:a:ahmed_tahri:charset-normalizer:3.4.0:*:*:*:*:*:*:*
+urllib3 | pkg:pypi/urllib3@2.2.3 | cpe:2.3:a:andrey_petrov:urllib3:2.2.3:*:*:*:*:*:*:*
+rpmfile | pkg:pypi/rpmfile@2.1.0 | cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
+setuptools | pkg:pypi/setuptools@75.3.0 | cpe:2.3:a:python_packaging_authority:setuptools:75.3.0:*:*:*:*:*:*:*
+toml | pkg:pypi/toml@0.10.2 | cpe:2.3:a:william_pearson:toml:0.10.2:*:*:*:*:*:*:*
+xmlschema | pkg:pypi/xmlschema@3.4.3 | cpe:2.3:a:davide_brunato:xmlschema:3.4.3:*:*:*:*:*:*:*
+elementpath | pkg:pypi/elementpath@4.6.0 | cpe:2.3:a:davide_brunato:elementpath:4.6.0:*:*:*:*:*:*:*
+zstandard | pkg:pypi/zstandard@0.23.0 | cpe:2.3:a:gregory_szorc:zstandard:0.23.0:*:*:*:*:*:*:*
+
+# Component Type Summary
+
+Type | Count
+| -------- | -------- 
+APPLICATION | 1
+LIBRARY | 74
+
+# License Summary
+
+License | Count
+| -------- | -------- 
+Apache-2.0 | 25
+Apache-2.0 OR BSD-3-Clause | 1
+BSD-2-Clause | 2
+BSD-3-Clause | 5
+GPL-3.0-or-later | 1
+LGPL-3.0-or-later | 1
+MIT | 20
+MPL-2.0 | 1
+NOASSERTION | 17
+PSF-2.0 | 2
+
+# Supplier Summary
+
+Supplier | Count
+| -------- | -------- 
+Ahmed TAHRI (tahri.ahmed@proton.me) | 1
+Andrew Svetlov (andrew.svetlov@gmail.com) | 4
+Andrey Kislyuk (kislyuk@gmail.com) | 1
+Andrey Petrov (andrey.petrov@shazow.net) | 1
+Anthony Harrison (anthony.p.harrison@gmail.com) | 3
+Armin Maciej Fijalkowski (python-cffi@googlegroups.com) | 1
+Benjamin Peterson (benjamin@python.org) | 1
+Chris P (chris@plot.ly) | 1
+Chris Sewell (chrisj_sewell@hotmail.com) | 1
+Christian Heimes (christian@python.org) | 1
+Craig Citro (craigcitro@google.com) | 1
+Davide Brunato (brunato@sissa.it) | 2
+Donald Stufft (donald@stufft.io) | 1
+Eli Bendersky (eliben@gmail.com) | 1
+Georg Brandl (georg@python.org) | 1
+Google (googleapis-publisher@google.com) | 1
+Google Cloud Platform (googleapis-packages@google.com) | 2
+Google Inc. (buganizer-system+187143@google.com) | 1
+Google Inc. (gs-team@google.com) | 1
+Google Inc. (jonwayne+oauth2client@google.com) | 1
+Google Inc. (pyu2f-team@google.com) | 1
+Gregory Szorc (gregory.szorc@gmail.com) | 1
+Guido van Jukka ukasz Michael (levkivskyi@gmail.com) | 1
+Hynek Schlawack (hs@ox.cx) | 1
+Ilya Etingof (etingof@gmail.com) | 2
+Isaac Muse (Isaac.Muse@gmail.com) | 1
+J. Nick Koston (nick@koston.org) | 1
+Jason R. (jaraco@jaraco.com) | 2
+Joe Gregorio (joe@bitworking.org) | 1
+Joshua Harlow | 1
+Julian Berman (Julian+jsonschema-specifications@GrayVines.com) | 1
+Julian Berman (Julian+jsonschema@GrayVines.com) | 1
+Julian Berman (Julian+referencing@GrayVines.com) | 1
+Julian Berman (Julian+rpds@GrayVines.com) | 1
+Julien Danjou (julien@danjou.info) | 1
+Kenneth Reitz (me@kennethreitz.com) | 1
+Kenneth Reitz (me@kennethreitz.org) | 1
+Kim Davies (kim+pypi@gumleaf.org) | 1
+Kirill Simonov (xi@resolvent.net) | 1
+Leonard Richardson (leonardr@segfault.org) | 1
+Mitch Garnaat (mitch@garnaat.com) | 1
+NOASSERTION | 5
+Nir Cohen (nir36g@gmail.com) | 1
+Ori Livneh (ori@wikimedia.org) | 1
+Patrick Ng (pn.appdev@gmail.com) | 1
+Paul McGuire (ptmcg.gm+pyparsing@gmail.com) | 1
+Python Packaging Authority (distutils-sig@python.org) | 1
+Raphael Barrois (raphael.barrois+semver@polytechnique.org) | 1
+Ray Buvel (rlbuvel@gmail.com) | 1
+Sean Ross (srossross@gmail.com) | 1
+Stanislav Red Hat Product Security (skontar@redhat.com) | 1
+Sybren A. Stuvel (sybren@stuvel.eu) | 1
+Taneli Hukkinen (hukkin@users.noreply.github.com) | 1
+Terri Oda (terri.oda@intel.com) | 1
+The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) | 1
+The pyOpenSSL developers (cryptography-dev@python.org) | 1
+Thomas Kemmer (tkemmer@computer.org) | 1
+Tomas Aparicio (tomas@aparicio.me) | 1
+Vinay Sajip (vinay_sajip@yahoo.co.uk) | 1
+Will McGugan (willmcgugan@gmail.com) | 1
+William Pearson (uiri@xqz.ca) | 1
+the purl authors | 1
+
+# NTIA Summary
+
+Element | Status
+| -------- | -------- 
+All file information provided? | True
+All package information provided? | False
+Creator identified? | True
+Creation time identified? | True
+Dependency relationships provided? | True
+NTIA conformant False