The output format for the vulnerability report.
The JSON file for the SBOM you want to scan. The SBOM must be in CycloneDX 1.5 format.