From b03b5bb52905bfa1f02118d41a39a34c9def51eb Mon Sep 17 00:00:00 2001
From: Joel Rudsberg <joel.rudsberg@oracle.com>
Date: Tue, 25 Mar 2025 11:17:21 +0100
Subject: [PATCH] [GR-63227] Update SBOM BuildOutput.md, describe unassociated
 types

---
 docs/reference-manual/native-image/BuildOutput.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/reference-manual/native-image/BuildOutput.md b/docs/reference-manual/native-image/BuildOutput.md
index 9d5cc274e462..fc946a994158 100644
--- a/docs/reference-manual/native-image/BuildOutput.md
+++ b/docs/reference-manual/native-image/BuildOutput.md
@@ -269,6 +269,10 @@ When embedded, the SBOM size is displayed.
 The number of components is always displayed. 
 The SBOM feature can be disabled with `--enable-sbom=false`.
 
+Unassociated types are displayed when certain types (such as classes, interfaces, or annotations) cannot be linked to an SBOM component.
+If these types contain vulnerabilities, SBOM scanning will not detect them.
+To fix this, ensure that proper GAV coordinates (Group ID, Artifact ID, and Version) are defined in the project POM's properties or in _MANIFEST.MF_ using standard formats.
+
 For more information, see [Software Bill of Materials](../../security/native-image.md).
 
 #### <a name="glossary-backwards-edge-cfi"></a>Backwards-Edge Control-Flow Integrity (CFI)