Certain Valid SBOMs fail on Conversion.

**Describe the bug**
Some valid SBOMs that are uploaded to SBOM-in-a-Box fail when attempting to convert them. This shouldn't happen since the original SBOM matches the required elements to be uploaded to SBOM-in-a-Box.

**To Reproduce**
Steps to reproduce the behavior:
1. Use the SPDX SBOM attached to this card
2. Open SBOM-in-a-Box
3. Upload the SPDX SBOM
4. Select it and press the Convert button
5. In the pop-up, select CDX14 for 'format' and use any desired schema.
6. Select Convert in the pop-up window.

**Expected behavior**
The SBOM will not be converted. Reload the SBOM-in-a-Box client to confirm.
The following message was displayed in the terminal when attempting to convert the SPDX SBOM to a CDX14 SBOM.
svip-api    | 2024-01-03 19:33:51.379 | ERROR | Serialized SBOM does not match schema=CDX14 (null)

**Screenshots**
If applicable, add screenshots to help explain your problem.
<img width="667" alt="Screen Shot 2024-01-03 at 2 35 33 PM" src="https://github.com/SoftwareDesignLab/SBOM-in-a-Box/assets/122822903/547c15bf-14c7-4021-85b7-ede1ef24b7b7">
<img width="798" alt="Screen Shot 2024-01-03 at 2 36 10 PM" src="https://github.com/SoftwareDesignLab/SBOM-in-a-Box/assets/122822903/0746ca2c-c308-44ca-accf-9526a00eacac">

**Additional context**
The file in question:
[dubboMavenSBOMSPDX.txt](https://github.com/SoftwareDesignLab/SBOM-in-a-Box/files/13822725/dubboMavenSBOMSPDX.txt)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Certain Valid SBOMs fail on Conversion. #316

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Certain Valid SBOMs fail on Conversion. #316

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions