{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30267?format=json","vulnerability_id":"VCID-22sa-smcx-9qay","summary":"","aliases":[{"alias":"CVE-2018-1298"},{"alias":"GHSA-6w3v-66mj-2qm6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/14348?format=json","purl":"pkg:maven/org.apache.qpid/apache-qpid-broker-j@7.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3de5-hm62-kuba"},{"vulnerability":"VCID-sw9f-ejmq-j7b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/apache-qpid-broker-j@7.0.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13832?format=json","purl":"pkg:maven/org.apache.qpid/apache-qpid-broker-j@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22sa-smcx-9qay"},{"vulnerability":"VCID-3de5-hm62-kuba"},{"vulnerability":"VCID-sw9f-ejmq-j7b8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.qpid/apache-qpid-broker-j@7.0.0"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1298.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1298.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1298","reference_id":"","reference_type":"","scores":[{"value":"0.00754","scoring_system":"epss","scoring_elements":"0.73755","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00754","scoring_system":"epss","scoring_elements":"0.7368","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00754","scoring_system":"epss","scoring_elements":"0.7377","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00754","scoring_system":"epss","scoring_elements":"0.73772","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1298"},{"reference_url":"https://github.com/apache/qpid-broker-j/commit/30ca170c42c400b41340a81c6a69d33aa19bf189","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/qpid-broker-j/commit/30ca170c42c400b41340a81c6a69d33aa19bf189"},{"reference_url":"https://github.com/apache/qpid-broker-j/commit/4b9fb37abbe882193b16595ed7b8e9d8383f59e1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/qpid-broker-j/commit/4b9fb37abbe882193b16595ed7b8e9d8383f59e1"},{"reference_url":"https://github.com/apache/qpid-broker-j/commit/de509dd955229a395c086a7cca874dc55306648a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/qpid-broker-j/commit/de509dd955229a395c086a7cca874dc55306648a"},{"reference_url":"https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1543717","reference_id":"1543717","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1543717"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1298","reference_id":"CVE-2018-1298","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1298"},{"reference_url":"https://github.com/advisories/GHSA-6w3v-66mj-2qm6","reference_id":"GHSA-6w3v-66mj-2qm6","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6w3v-66mj-2qm6"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."},{"cwe_id":358,"name":"Improperly Implemented Security Check for Standard","description":"The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"4.0 - 7.5","exploitability":"0.5","weighted_severity":"6.8","risk_score":3.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22sa-smcx-9qay"}