{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2025-10-03T11:12:45Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/document/package-nss-smime","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/nss/package-nss-smime/nss/UNIHASH/document/package-nss-smime"}],"name":"package-nss-smime","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime","creationInfo":"_:CreationInfo1","description":"Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security standards.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/package/nss-smime"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:*:network_security_services:3.117:*:*:*:*:*:*:*"}],"name":"nss-smime","summary":"Mozilla's SSL and TLS implementation","software_primaryPurpose":"install","software_homePage":"https://firefox-source-docs.mozilla.org/security/nss/index.html","software_packageVersion":"3.117"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime/file/1","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/package/nss-smime/file/1"}],"name":"usr/bin/smime","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"da9b71ef61aa23b115367e0fc76b258f5d4320669fda226d0498c4406d2a9a45"}]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/relationship/23fef9d16524ea76ecd5adff5f977de5","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/relationship/23fef9d16524ea76ecd5adff5f977de5"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime"],"scope":"build"},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/relationship/48dae1cd72893192bf1d144bbd3692ed","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/relationship/48dae1cd72893192bf1d144bbd3692ed"}],"from":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime","relationshipType":"contains","to":["http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime/file/1"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/relationship/7d9c66752277f157ccca5c83db9fc6d6","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/relationship/7d9c66752277f157ccca5c83db9fc6d6"}],"from":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2017-11695","http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2017-11696","http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2017-11697","http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2017-11698","http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2022-3479"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/relationship/c248b69485009668074923bec15e047e","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/relationship/c248b69485009668074923bec15e047e"}],"from":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/license/3_27_0/__MPL-2_0_AND_MIT___OR___MPL-2_0_AND_GPL-2_0-or-later_AND_MIT___OR___MPL-2_0_AND_LGPL-2_1-or-later_AND_MIT__"]},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/vex-not-affected/36c547da2c2d0fcccc56c81d7696495b","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/vex-not-affected/36c547da2c2d0fcccc56c81d7696495b"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2022-3479","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime"],"security_vexVersion":"1.0.0","security_impactStatement":"vulnerability was introduced in 3.77 and fixed in 3.87","security_justificationType":"vulnerableCodeNotPresent"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/vex-not-affected/6c4532f932516f24e90dd3da06d40a63","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/vex-not-affected/6c4532f932516f24e90dd3da06d40a63"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2017-11695","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime"],"security_vexVersion":"1.0.0","security_impactStatement":"This only affect the legacy db (libnssdbm), only compiled with --enable-legacy-db","security_justificationType":"vulnerableCodeNotPresent"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/vex-not-affected/91c7b1ebd44fa0531b5d5f075a284f68","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/vex-not-affected/91c7b1ebd44fa0531b5d5f075a284f68"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2017-11697","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime"],"security_vexVersion":"1.0.0","security_impactStatement":"This only affect the legacy db (libnssdbm), only compiled with --enable-legacy-db","security_justificationType":"vulnerableCodeNotPresent"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/vex-not-affected/98eba67f58b2b8ba28d60acb06fe4665","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/vex-not-affected/98eba67f58b2b8ba28d60acb06fe4665"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2017-11698","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime"],"security_vexVersion":"1.0.0","security_impactStatement":"This only affect the legacy db (libnssdbm), only compiled with --enable-legacy-db","security_justificationType":"vulnerableCodeNotPresent"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/vex-not-affected/f906bb8d288635fa18feb6fd4321960b","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/3342e2236ebc8c01261b31c9efdc0e4fa1e1df29d6b93b2c980258c65c3ea457/nss/UNIHASH/vex-not-affected/f906bb8d288635fa18feb6fd4321960b"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/18e2845f1ba906b87cc35e0e03eb6fe762be2668a633170731790cd0ccfc0cc0/nss/UNIHASH/vulnerability/CVE-2017-11696","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/nss-b4f666e4-1e7b-5f90-975d-6a66eb5e5574/75738dac84fa4ae97ead875493ada27849371cdb9354a50b536d804eb9fd4eb5/package/nss-smime"],"security_vexVersion":"1.0.0","security_impactStatement":"This only affect the legacy db (libnssdbm), only compiled with --enable-legacy-db","security_justificationType":"vulnerableCodeNotPresent"}]}