{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2025-11-27T15:22:11Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/document/package-libcupsimage2","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/cups/package-libcupsimage2/cups/UNIHASH/document/package-libcupsimage2"}],"name":"package-libcupsimage2","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2","creationInfo":"_:CreationInfo0","description":"The Common UNIX Printing System is a printing system and general replacement for lpd and the like. It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/package/libcupsimage2"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:*:cups:2.4.15:*:*:*:*:*:*:*"}],"name":"libcupsimage2","summary":"An Internet printing system for Unix","software_primaryPurpose":"install","software_homePage":"https://www.cups.org/","software_packageVersion":"2.4.15"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2/file/1","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/package/libcupsimage2/file/1"}],"name":"usr/lib/libcupsimage.so.2","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"dfa60dc33bccb3aad1d751fe6fb7b7d4c0c139747c155f70dc6fba64cf484ebe"}]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/relationship/0e9f4025e188d182bb22823cc8136a70","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/relationship/0e9f4025e188d182bb22823cc8136a70"}],"from":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/license/3_27_0/Apache-2_0"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/relationship/794683fcdd722a54d8d5a1673b5f82c3","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/relationship/794683fcdd722a54d8d5a1673b5f82c3"}],"from":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2008-1033","http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2009-0032","http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2018-6553"]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/relationship/7c18a3674712489e294d16c0d0582db5","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/relationship/7c18a3674712489e294d16c0d0582db5"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2"],"scope":"build"},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/relationship/8e933ebfd7d35a7127f39a849411908a","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/relationship/8e933ebfd7d35a7127f39a849411908a"}],"from":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2","relationshipType":"contains","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2/file/1"]},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/vex-not-affected/09623a8bc630543ee68549c8492633bf","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/vex-not-affected/09623a8bc630543ee68549c8492633bf"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2008-1033","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2"],"security_vexVersion":"1.0.0","security_impactStatement":"Issue only applies to MacOS","security_justificationType":"vulnerableCodeNotPresent"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/vex-not-affected/d808934fd0ace0f54de8b8957189dfe4","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/vex-not-affected/d808934fd0ace0f54de8b8957189dfe4"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2009-0032","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2"],"security_vexVersion":"1.0.0","security_impactStatement":"Issue affects pdfdistiller plugin used with but not part of cups"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/vex-not-affected/f215c2c93956d8326ad73c705e9cec3c","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/cbdb5aa00359d883af9c0e437408f5f2e83192a1dbcfeecbba1cd441ee0fa0e6/cups/UNIHASH/vex-not-affected/f215c2c93956d8326ad73c705e9cec3c"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8030dd37518e8c58aebaa240051c7edf92796377963aa0368e8d2571afe714a3/cups/UNIHASH/vulnerability/CVE-2018-6553","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/cups-65976d6f-d1d1-57d5-918f-01865b13d11b/946b0ece2b2ae9a3a93b2aea63a7e086519ccfb23cac00e42c68ecc07b761d3c/package/libcupsimage2"],"security_vexVersion":"1.0.0","security_impactStatement":"This is an Ubuntu only issue","security_justificationType":"vulnerableCodeNotPresent"}]}