{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:acdeb6e2-a454-5b82-9b07-4967689feb9d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2", "type": "library", "group": "org.springframework.boot", "name": "spring-boot-starter-freemarker", "version": "2.7.16-tuxcare.2", "purl": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d9c41462-d5fc-5ad2-b0e4-f1cf3d453d3f", "id": "CVE-2023-34055", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34055 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33772316-c724-5821-a9e2-29573e4f8367", "id": "CVE-2023-38286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-38286 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:603a47bc-e3a9-5ff1-9fb5-7a7bc4773939", "id": "CVE-2024-38807", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38807 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d350093-a6b5-5d8c-8921-58b7f6a5effa", "id": "CVE-2025-22235", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22235 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4da4226-f187-575e-9638-203141a127e1", "id": "CVE-2026-22733", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-22733 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9072b7c-7ca4-5c60-a337-6e7263ddb251", "id": "CVE-2026-40972", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-40972 is fixed in version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c68a24ec-cde5-5cce-99ad-943d4edecb9f", "id": "CVE-2026-40973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40973 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd800943-540b-56ae-9985-a48e326b87c9", "id": "CVE-2026-40974", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40974 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c425449-753e-5c4b-a79d-a95ca94c2d7a", "id": "CVE-2026-40975", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40975 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5ecaf3d-603f-58ad-b9de-9838c50ca716", "id": "CVE-2026-40977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40977 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b502f348-11d7-5b1e-bab2-4fb396ce94b3", "id": "CVE-2026-40992", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-40992 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a008a940-9b48-5f3b-aedd-2e1eebdea716", "id": "CVE-2026-41001", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41001 affects version 2.7.16-tuxcare.2 of org.springframework.boot:spring-boot-starter-freemarker." }, "affects": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework.boot/spring-boot-starter-freemarker@2.7.16-tuxcare.2" } ] }