{"url":"http://public2.vulnerablecode.io/api/packages/422024?format=json","purl":"pkg:maven/org.apache.syncope/syncope@1.0.7","type":"maven","namespace":"org.apache.syncope","name":"syncope","version":"1.0.7","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.2.0-M1","latest_non_vulnerable_version":"2.1.7","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30540?format=json","vulnerability_id":"VCID-qkcj-998h-zyem","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1321","reference_id":"","reference_type":"","scores":[{"value":"0.06394","scoring_system":"epss","scoring_elements":"0.91226","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1321"},{"reference_url":"https://github.com/apache/syncope/commit/717289bc10b6f3b204cb6d14881f530174c6235","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/syncope/commit/717289bc10b6f3b204cb6d14881f530174c6235"},{"reference_url":"https://github.com/apache/syncope/commit/726231fbf7b817bd2a9467171dcb1c0087c75bc","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/syncope/commit/726231fbf7b817bd2a9467171dcb1c0087c75bc"},{"reference_url":"https://github.com/apache/syncope/commit/ad31479c1c543ac7d26b8c882aa14f6c00c1fd0","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/syncope/commit/ad31479c1c543ac7d26b8c882aa14f6c00c1fd0"},{"reference_url":"https://www.exploit-db.com/exploits/45400","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/45400"},{"reference_url":"https://www.exploit-db.com/exploits/45400/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/45400/"},{"reference_url":"http://syncope.apache.org/security.html#CVE-2018-1321:_Remote_code_execution_by_administrators_with_report_and_template_entitlements","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://syncope.apache.org/security.html#CVE-2018-1321:_Remote_code_execution_by_administrators_with_report_and_template_entitlements"},{"reference_url":"http://www.securityfocus.com/bid/103508","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/103508"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1321","reference_id":"CVE-2018-1321","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1321"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/webapps/45400.txt","reference_id":"CVE-2018-1322;CVE-2018-1321","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/webapps/45400.txt"},{"reference_url":"https://github.com/advisories/GHSA-xgc9-9w4v-h33h","reference_id":"GHSA-xgc9-9w4v-h33h","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xgc9-9w4v-h33h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/422032?format=json","purl":"pkg:maven/org.apache.syncope/syncope@1.2.0-M1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@1.2.0-M1"},{"url":"http://public2.vulnerablecode.io/api/packages/390098?format=json","purl":"pkg:maven/org.apache.syncope/syncope@1.2.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@1.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/390099?format=json","purl":"pkg:maven/org.apache.syncope/syncope@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5edp-xe1z-pqfz"},{"vulnerability":"VCID-cnh1-7zku-syet"},{"vulnerability":"VCID-emjr-pzzz-2ybp"},{"vulnerability":"VCID-jrdb-zmn6-4bap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@2.0.8"}],"aliases":["CVE-2018-1321","GHSA-xgc9-9w4v-h33h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qkcj-998h-zyem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/270332?format=json","vulnerability_id":"VCID-s8bb-cf3u-7ybe","summary":"","references":[{"reference_url":"http://mail-archives.us.apache.org/mod_mbox/www-announce/201404.mbox/%3C534CE273.9020601@apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://mail-archives.us.apache.org/mod_mbox/www-announce/201404.mbox/%3C534CE273.9020601@apache.org%3E"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0111","reference_id":"","reference_type":"","scores":[{"value":"0.01419","scoring_system":"epss","scoring_elements":"0.81005","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0111"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0111","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0111"},{"reference_url":"https://web.archive.org/web/20201208163011/http://www.securityfocus.com/archive/1/531841/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201208163011/http://www.securityfocus.com/archive/1/531841/100/0/threaded"},{"reference_url":"http://syncope.apache.org/security.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://syncope.apache.org/security.html"},{"reference_url":"https://github.com/advisories/GHSA-r2xf-w5pj-9pw8","reference_id":"GHSA-r2xf-w5pj-9pw8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-r2xf-w5pj-9pw8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/386265?format=json","purl":"pkg:maven/org.apache.syncope/syncope@1.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qkcj-998h-zyem"},{"vulnerability":"VCID-zgf5-xk4a-43dg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@1.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/386266?format=json","purl":"pkg:maven/org.apache.syncope/syncope@1.1.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cvw3-2kp5-2yft"},{"vulnerability":"VCID-qkcj-998h-zyem"},{"vulnerability":"VCID-zgf5-xk4a-43dg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@1.1.7"}],"aliases":["CVE-2014-0111","GHSA-r2xf-w5pj-9pw8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s8bb-cf3u-7ybe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30446?format=json","vulnerability_id":"VCID-zgf5-xk4a-43dg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1322","reference_id":"","reference_type":"","scores":[{"value":"0.06729","scoring_system":"epss","scoring_elements":"0.91481","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1322"},{"reference_url":"https://github.com/apache/syncope","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/syncope"},{"reference_url":"https://github.com/apache/syncope/commit/44a5ca0fbd357b8b5d81aa9313fb01cca30d8ad","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/syncope/commit/44a5ca0fbd357b8b5d81aa9313fb01cca30d8ad"},{"reference_url":"https://github.com/apache/syncope/commit/735579b6f987b407049ac1f1da08e675d957c3e","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/syncope/commit/735579b6f987b407049ac1f1da08e675d957c3e"},{"reference_url":"https://github.com/apache/syncope/commit/7b168c142b09c3b03e39f1449211e7ddf026a14","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/syncope/commit/7b168c142b09c3b03e39f1449211e7ddf026a14"},{"reference_url":"https://www.exploit-db.com/exploits/45400","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/45400"},{"reference_url":"https://www.exploit-db.com/exploits/45400/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/45400/"},{"reference_url":"http://syncope.apache.org/security.html#CVE-2018-1322:_Information_disclosure_via_FIQL_and_ORDER_BY_sorting","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://syncope.apache.org/security.html#CVE-2018-1322:_Information_disclosure_via_FIQL_and_ORDER_BY_sorting"},{"reference_url":"http://www.securityfocus.com/bid/103507","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/103507"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1322","reference_id":"CVE-2018-1322","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1322"},{"reference_url":"https://github.com/advisories/GHSA-v3vf-2r98-xw8w","reference_id":"GHSA-v3vf-2r98-xw8w","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v3vf-2r98-xw8w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/422032?format=json","purl":"pkg:maven/org.apache.syncope/syncope@1.2.0-M1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@1.2.0-M1"},{"url":"http://public2.vulnerablecode.io/api/packages/390098?format=json","purl":"pkg:maven/org.apache.syncope/syncope@1.2.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@1.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/390099?format=json","purl":"pkg:maven/org.apache.syncope/syncope@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5edp-xe1z-pqfz"},{"vulnerability":"VCID-cnh1-7zku-syet"},{"vulnerability":"VCID-emjr-pzzz-2ybp"},{"vulnerability":"VCID-jrdb-zmn6-4bap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@2.0.8"}],"aliases":["CVE-2018-1322","GHSA-v3vf-2r98-xw8w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgf5-xk4a-43dg"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.syncope/syncope@1.0.7"}