Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-j7jh-x7p4-tbfg

Summary

Multiple vulnerabilities have been found in JasPer, the worst of
    which could result in a Denial of Service condition.

Aliases

alias	CVE-2017-13748

Fixed_packages

Affected_packages

url pkg:ebuild/media-libs/jasper@2.0.16

purl pkg:ebuild/media-libs/jasper@2.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14uc-suy4-vkav

vulnerability	VCID-411s-m5hf-13ea

vulnerability	VCID-43tr-aux5-xfg4

vulnerability	VCID-4uee-ywf5-77fg

vulnerability	VCID-71h8-gwku-nyba

vulnerability	VCID-8kug-2mr4-n7ap

vulnerability	VCID-bvgt-kswn-s3gu

vulnerability	VCID-cuwt-vtwk-9qfc

vulnerability	VCID-d55p-qzv3-abba

vulnerability	VCID-ddwa-ag8b-5kd3

vulnerability	VCID-fs57-6w4t-7khr

vulnerability	VCID-g8fd-dzfe-wqck

vulnerability	VCID-gqb1-mvjf-hfch

vulnerability	VCID-j7jh-x7p4-tbfg

vulnerability	VCID-mf2h-8nqn-73h9

vulnerability	VCID-mpy2-q1kz-mqbd

vulnerability	VCID-pzmn-b9g7-hqfy

vulnerability	VCID-u84u-4sre-sqez

vulnerability	VCID-unhd-qymu-j7a6

vulnerability	VCID-uzf7-rgm3-ykap

vulnerability	VCID-wjhs-wew4-3yhs

vulnerability	VCID-y4g3-1zev-nyda

resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/jasper@2.0.16

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13748.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13748.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-13748

reference_id

reference_type

scores

value	0.02661
scoring_system	epss
scoring_elements	0.85715
published_at	2026-04-01T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85828
published_at	2026-04-24T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85811
published_at	2026-04-18T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85805
published_at	2026-04-21T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85727
published_at	2026-04-02T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85746
published_at	2026-04-04T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85752
published_at	2026-04-07T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85771
published_at	2026-04-08T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85781
published_at	2026-04-09T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85796
published_at	2026-04-11T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85793
published_at	2026-04-12T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85789
published_at	2026-04-13T12:55:00Z

value	0.02661
scoring_system	epss
scoring_elements	0.85807
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-13748

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1488961
reference_id	1488961
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1488961

reference_url	https://security.gentoo.org/glsa/201908-03
reference_id	GLSA-201908-03
reference_type
scores
url	https://security.gentoo.org/glsa/201908-03

Weaknesses

cwe_id	772
name	Missing Release of Resource after Effective Lifetime
description	The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

Exploits

Severity_range_score 3.3 - 5.3

Exploitability 0.5

Weighted_severity 3.0

Risk_score 1.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j7jh-x7p4-tbfg

Vulnerability Instance