{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:7e70e88f-00eb-5a9f-9dcd-7bdcb337c549",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1",
      "type": "library",
      "group": "org.springframework.boot",
      "name": "spring-boot-starter-freemarker",
      "version": "2.6.15.tuxcare.1",
      "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:9e9efc4c-8272-5e97-9f0e-0b18755c710d",
      "id": "CVE-2023-34055",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-34055 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6a9354c1-d838-5828-8bed-ac6d58e51e6b",
      "id": "CVE-2024-38807",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-38807 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0d59a1df-66be-584b-ab9a-17d44b19e13f",
      "id": "CVE-2025-22235",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6d8a8f21-39c7-5b24-97c0-4fbc7b710cf9",
      "id": "CVE-2026-22733",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22733 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4d139a0f-cc23-538e-94d3-ac712a4301f8",
      "id": "CVE-2026-40972",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40972 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:69e5278d-469f-5ae6-8a69-493416be228b",
      "id": "CVE-2026-40973",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40973 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:672ad8e4-57c7-5947-8cd9-7a24bc224b59",
      "id": "CVE-2026-40974",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40974 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:01ea13ee-1264-5245-b93c-671b62d03c0a",
      "id": "CVE-2026-40975",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40975 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f411211f-597c-5111-958a-75fd63bcddfb",
      "id": "CVE-2026-40977",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-40977 affects version 2.6.15.tuxcare.1 of org.springframework.boot:spring-boot-starter-freemarker."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.6.15.tuxcare.1"
    }
  ]
}