{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ab1ea53d-ccac-594b-a92c-1fd5ae1f1b92", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2", "type": "library", "group": "org.apache.kafka", "name": "connect-json", "version": "2.8.2-tuxcare.2", "purl": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1e71cb57-1f69-55e6-a2c7-56a85f7dfe8e", "id": "CVE-2023-25194", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-25194 is fixed in version 2.8.2-tuxcare.2 of org.apache.kafka:connect-json." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54761128-b3ed-5ae8-93b1-76615239c250", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.8.2-tuxcare.2 of org.apache.kafka:connect-json." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df6adb17-de8f-5bd3-a65b-580ad28f90de", "id": "CVE-2024-56128", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56128 is fixed in version 2.8.2-tuxcare.2 of org.apache.kafka:connect-json." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a18b5102-97c1-5de7-aec3-611358cf13d0", "id": "CVE-2025-27818", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27818 affects version 2.8.2-tuxcare.2 of org.apache.kafka:connect-json." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c3b652e-e5fb-5f0e-bde8-24711f850f3c", "id": "CVE-2025-27819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-27819 is fixed in version 2.8.2-tuxcare.2 of org.apache.kafka:connect-json." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04f430c9-3085-55ee-aad8-e87b40afd92b", "id": "CVE-2026-33558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33558 affects version 2.8.2-tuxcare.2 of org.apache.kafka:connect-json." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a8c7d6e-89fe-5b04-8920-dcdb93cc61cb", "id": "CVE-2026-35554", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-35554 affects version 2.8.2-tuxcare.2 of org.apache.kafka:connect-json." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.kafka/connect-json@2.8.2-tuxcare.2" } ] }