{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d531aef4-2844-5bd9-a609-c17fe4d313d9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1", "type": "library", "group": "org.apache.kafka", "name": "kafka-streams-upgrade-system-tests-25", "version": "2.8.2-tuxcare.1", "purl": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:51ca71e6-e5f2-55b3-b311-e5ab20a63d5e", "id": "CVE-2023-25194", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-25194 is fixed in version 2.8.2-tuxcare.1 of org.apache.kafka:kafka-streams-upgrade-system-tests-25." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5babd596-818b-5c2b-b895-81ba42e9dd33", "id": "CVE-2024-31141", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-31141 affects version 2.8.2-tuxcare.1 of org.apache.kafka:kafka-streams-upgrade-system-tests-25." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:420ce41a-ebb2-5454-96af-28e412828b22", "id": "CVE-2024-56128", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56128 is fixed in version 2.8.2-tuxcare.1 of org.apache.kafka:kafka-streams-upgrade-system-tests-25." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:629c1b46-ecb6-57fc-a5ce-8013294e10e8", "id": "CVE-2025-27818", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27818 affects version 2.8.2-tuxcare.1 of org.apache.kafka:kafka-streams-upgrade-system-tests-25." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:262d8037-2376-5e51-8b9f-8debe8d17d64", "id": "CVE-2025-27819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-27819 affects version 2.8.2-tuxcare.1 of org.apache.kafka:kafka-streams-upgrade-system-tests-25." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:874b93ad-92c1-5acc-980a-8e0b261613ed", "id": "CVE-2026-33558", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33558 affects version 2.8.2-tuxcare.1 of org.apache.kafka:kafka-streams-upgrade-system-tests-25." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c0c5415-abb6-53ff-9cf9-7c0c3e958acc", "id": "CVE-2026-35554", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-35554 affects version 2.8.2-tuxcare.1 of org.apache.kafka:kafka-streams-upgrade-system-tests-25." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.kafka/kafka-streams-upgrade-system-tests-25@2.8.2-tuxcare.1" } ] }