A comprehensive overview of SBOMs (software bill of materials): their data fields, use cases, and formats, why they’re needed, and how to manage them.| fossa.com
CSAF v2.0 is the definitive reference for the language which supports creation, update, and interoperable exchange of security advisories.| docs.oasis-open.org
Convey the exploitability of vulnerable components in the context of the product in which they're used.| cyclonedx.org