{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e20fdf5b-31a1-5d01-b710-1cca16f968a7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1", "type": "library", "group": "org.apache.kafka", "name": "connect-basic-auth-extension", "version": "3.2.3.tuxcare.1", "purl": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e18a4842-8d4c-5d40-bafe-f0fea48e5680", "id": "CVE-2023-25194", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-25194 is fixed in version 3.2.3.tuxcare.1 of org.apache.kafka:connect-basic-auth-extension." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cd766f1-86bf-523f-b6f7-ea53dd4fd5cd", "id": "CVE-2024-31141", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-31141 is fixed in version 3.2.3.tuxcare.1 of org.apache.kafka:connect-basic-auth-extension." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a40a816-8010-5495-9003-f7c3dc5133c5", "id": "CVE-2024-56128", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-56128 is fixed in version 3.2.3.tuxcare.1 of org.apache.kafka:connect-basic-auth-extension." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8102d11e-c867-5a83-9ef7-967798fc0b01", "id": "CVE-2025-27817", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-27817 is fixed in version 3.2.3.tuxcare.1 of org.apache.kafka:connect-basic-auth-extension." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8336db0a-57ec-5d8a-b66a-7b3a2c85c701", "id": "CVE-2025-27818", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-27818 is fixed in version 3.2.3.tuxcare.1 of org.apache.kafka:connect-basic-auth-extension." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c01a254-a966-518d-8004-71c3af95fe8c", "id": "CVE-2025-27819", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-27819 is fixed in version 3.2.3.tuxcare.1 of org.apache.kafka:connect-basic-auth-extension." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6c55007-a839-524f-b95a-c860f4e59192", "id": "CVE-2026-35554", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-35554 affects version 3.2.3.tuxcare.1 of org.apache.kafka:connect-basic-auth-extension." }, "affects": [ { "ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.kafka/connect-basic-auth-extension@3.2.3.tuxcare.1" } ] }