{"@context":"https://spdx.org/rdf/3.0.1/spdx-context.jsonld","@graph":[{"type":"CreationInfo","@id":"_:CreationInfo0","created":"2026-01-24T12:25:07Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"CreationInfo","@id":"_:CreationInfo1","created":"2011-04-05T23:00:00Z","createdBy":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded"],"createdUsing":["http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0"],"specVersion":"3.0.1"},{"type":"Organization","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/agent/OpenEmbedded","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"OpenEmbedded"},{"type":"Tool","spdxId":"http://spdx.org/spdxdocs/bitbake-addba517-4804-5ae3-87c2-0c3a1a5812ba/bitbake/tool/oe-spdx-creator_1_0","creationInfo":"_:CreationInfo1","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias"}],"name":"oe-spdx-creator 1.0"},{"type":"SpdxDocument","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/document/package-nscd","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/doc/glibc/package-nscd/glibc/UNIHASH/document/package-nscd","https://rdf.openembedded.org/spdx/3.0/link-name":"2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0"}],"name":"package-nscd","profileConformance":["build","core","security","simpleLicensing","software"],"rootElement":["http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd"]},{"type":"software_Package","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd","creationInfo":"_:CreationInfo0","description":"nscd, name service cache daemon, caches name service lookups for the passwd, group and hosts information.  It can damatically improvide performance with remote, such as NIS or NIS+, name services.","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/package/nscd"}],"externalIdentifier":[{"type":"ExternalIdentifier","externalIdentifierType":"cpe23","identifier":"cpe:2.3:*:*:glibc:2.42:*:*:*:*:*:*:*"}],"name":"nscd","summary":"Name service cache daemon","software_primaryPurpose":"install","software_homePage":"http://www.gnu.org/software/libc/libc.html","software_packageVersion":"2.42+git"},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/1","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/package/nscd/file/1"}],"name":"etc/nscd.conf","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"63740e9a0662c400a70449ae87922058a2b5f22a1172ad85c3e1460f7404eb5d"}]},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/2","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/package/nscd/file/2"}],"name":"usr/lib/systemd/system/nscd.service","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"ee5e3f1f72a8760d41ccfda8c8404aea641140a3619dc3fef4b943ac1d7a42f3"}]},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/3","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/package/nscd/file/3"}],"name":"usr/lib/systemd/system-preset/98-nscd.preset","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"8311abb30b4f87196c7c2d6541facf31c9b46601bc125629f6c032a0a11c6865"}]},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/4","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/package/nscd/file/4"}],"name":"usr/lib/tmpfiles.d/nscd.conf","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"b5d1678bf1bbb3bd4a0cb2a45e51de841f8d0a72a4a2f9c6fc2f11f9ba9e08c1"}]},{"type":"software_File","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/5","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/package/nscd/file/5"}],"name":"usr/sbin/nscd","verifiedUsing":[{"type":"Hash","algorithm":"sha256","hashValue":"e667d62ced3de74c2b85a303d9ba62b474450affb3a418886475cbf325937bc6"}]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/relationship/75e7a2e68a7f61d74216e38f68bf2d2c","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/relationship/75e7a2e68a7f61d74216e38f68bf2d2c"}],"from":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd","relationshipType":"contains","to":["http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/1","http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/2","http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/3","http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/4","http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd/file/5"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/relationship/7a70ea35e68f4e02681cf872fa6cc711","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/relationship/7a70ea35e68f4e02681cf872fa6cc711"}],"from":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd","relationshipType":"hasDeclaredLicense","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/license/3_27_0/GPL-2_0-only_AND_LGPL-2_1-or-later"]},{"type":"Relationship","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/relationship/a4b7155226c5e1518a2ca922563cc0c9","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/relationship/a4b7155226c5e1518a2ca922563cc0c9"}],"from":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd","relationshipType":"hasAssociatedVulnerability","to":["http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/vulnerability/CVE-2019-1010022","http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/vulnerability/CVE-2019-1010023","http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/vulnerability/CVE-2019-1010024","http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/vulnerability/CVE-2019-1010025"]},{"type":"LifecycleScopedRelationship","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/relationship/a5dad1253af1589368e8ad4e8901cc9f","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/relationship/a5dad1253af1589368e8ad4e8901cc9f"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/build/recipe","relationshipType":"hasOutput","to":["http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd"],"scope":"build"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/vex-not-affected/125fecc1110b0ec08882bc2d5bfa27d2","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/vex-not-affected/125fecc1110b0ec08882bc2d5bfa27d2"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/vulnerability/CVE-2019-1010025","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd"],"security_vexVersion":"1.0.0","security_impactStatement":"Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow easier access for another. 'ASLR bypass itself is not a vulnerability.'"},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/vex-not-affected/6665fbba82895fb20a0fb93414cf1108","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/vex-not-affected/6665fbba82895fb20a0fb93414cf1108"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/vulnerability/CVE-2019-1010024","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd"],"security_vexVersion":"1.0.0","security_impactStatement":"Upstream glibc maintainers dispute there is any issue and have no plans to address it further. this is being treated as a non-security bug and no real threat."},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/vex-not-affected/6832962a5817946a79258da2aa7a79fc","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/vex-not-affected/6832962a5817946a79258da2aa7a79fc"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/vulnerability/CVE-2019-1010022","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd"],"security_vexVersion":"1.0.0","security_impactStatement":"Upstream glibc maintainers dispute there is any issue and have no plans to address it further. this is being treated as a non-security bug and no real threat."},{"type":"security_VexNotAffectedVulnAssessmentRelationship","spdxId":"http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/vex-not-affected/79847bc4c53d50a2c7c3a26a4d3334a6","creationInfo":"_:CreationInfo0","extension":[{"type":"https://rdf.openembedded.org/spdx/3.0/id-alias","https://rdf.openembedded.org/spdx/3.0/alias":"http://spdxdocs.org/openembedded-alias/by-doc-hash/2ddde64b7eda03caa8d02f5914cc1e0aebbd73c0e517ff7a545d21f01d26d6c0/glibc/UNIHASH/vex-not-affected/79847bc4c53d50a2c7c3a26a4d3334a6"}],"from":"http://spdxdocs.org/openembedded-alias/by-doc-hash/8bcc50109a89a2a5b45d13a5cd9a3fb7e276afd2bf762de4772a02f224c2f6bf/glibc/UNIHASH/vulnerability/CVE-2019-1010023","relationshipType":"doesNotAffect","to":["http://spdx.org/spdxdocs/glibc-086907e2-5516-5638-9df3-b3863651f374/ff0fa986562cc19d03a0a0e5521e3c1c969d98d81d02655a677ed907182d7d1f/package/nscd"],"security_vexVersion":"1.0.0","security_impactStatement":"Upstream glibc maintainers dispute there is any issue and have no plans to address it further. this is being treated as a non-security bug and no real threat."}]}