AWS Security ChangesHomeSearch

AWS inspector medium security documentation change

Service: inspector · 2025-08-28 · Security-related medium

File: inspector/latest/user/sbom-generator-dependency-collection.md

Summary

Added note about Maven Central being the only supported repository for vulnerability evaluation

Security assessment

This change highlights a security-relevant limitation where third-party repositories aren't evaluated, potentially leaving vulnerabilities undetected in those sources. It documents a security control boundary that impacts vulnerability management.

Diff

diff --git a/inspector/latest/user/sbom-generator-dependency-collection.md b/inspector/latest/user/sbom-generator-dependency-collection.md
index c369db249..15efa8cf8 100644
--- a//inspector/latest/user/sbom-generator-dependency-collection.md
+++ b//inspector/latest/user/sbom-generator-dependency-collection.md
@@ -113,0 +114,4 @@ Programming language | Package manager | Supported artifacts | Toolchain support
+###### Note
+
+Our vulnerability evaluation feature only supports Maven Central repository. Third-party repositories, such as JBoss Enterprise Maven Repository, are not currently supported. 
+