Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-k363-jg3m-1yhz

Summary security update

Aliases

alias	CVE-2016-10249

Fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.20-1
purl	pkg:alpm/archlinux/jasper@1.900.20-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.20-1

url	pkg:deb/debian/jasper@1.900.1-debian1-2.4%2Bdeb8u3
purl	pkg:deb/debian/jasper@1.900.1-debian1-2.4%2Bdeb8u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-debian1-2.4%252Bdeb8u3

Affected_packages

url pkg:alpm/archlinux/jasper@1.900.9-1

purl pkg:alpm/archlinux/jasper@1.900.9-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hdut-23jk-nfc5

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-wrwt-qqrc-s7at

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.9-1

url pkg:deb/debian/jasper@1.701.0-2

purl pkg:deb/debian/jasper@1.701.0-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3m5a-x31m-wqhs

vulnerability	VCID-6qcp-9kba-1khz

vulnerability	VCID-9hdt-gf9q-skh8

vulnerability	VCID-9kqw-qv6w-zugt

vulnerability	VCID-bpmw-qhm1-audu

vulnerability	VCID-ckw2-w524-k3gz

vulnerability	VCID-d9ga-c25d-mfg5

vulnerability	VCID-f3xd-54ke-1bf6

vulnerability	VCID-hq12-wrsv-qffj

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-m85g-54qv-h3at

vulnerability	VCID-m93b-k4b2-zye1

vulnerability	VCID-np35-vr8e-wqa9

vulnerability	VCID-ptkv-jw36-cbar

vulnerability	VCID-rnuc-wtg3-r3cc

vulnerability	VCID-td6h-jus8-vfe9

vulnerability	VCID-wrwt-qqrc-s7at

vulnerability	VCID-yqjj-75r1-b3ht

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.701.0-2

url pkg:deb/debian/jasper@1.900.1-5.1%2Blenny2

purl pkg:deb/debian/jasper@1.900.1-5.1%2Blenny2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3m5a-x31m-wqhs

vulnerability	VCID-6qcp-9kba-1khz

vulnerability	VCID-9hdt-gf9q-skh8

vulnerability	VCID-9kqw-qv6w-zugt

vulnerability	VCID-bpmw-qhm1-audu

vulnerability	VCID-ckw2-w524-k3gz

vulnerability	VCID-d9ga-c25d-mfg5

vulnerability	VCID-f3xd-54ke-1bf6

vulnerability	VCID-hq12-wrsv-qffj

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-m85g-54qv-h3at

vulnerability	VCID-m93b-k4b2-zye1

vulnerability	VCID-np35-vr8e-wqa9

vulnerability	VCID-ptkv-jw36-cbar

vulnerability	VCID-rnuc-wtg3-r3cc

vulnerability	VCID-td6h-jus8-vfe9

vulnerability	VCID-wrwt-qqrc-s7at

vulnerability	VCID-yqjj-75r1-b3ht

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-5.1%252Blenny2

url pkg:deb/debian/jasper@1.900.1-7%2Bsqueeze1

purl pkg:deb/debian/jasper@1.900.1-7%2Bsqueeze1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3m5a-x31m-wqhs

vulnerability	VCID-6qcp-9kba-1khz

vulnerability	VCID-9hdt-gf9q-skh8

vulnerability	VCID-9kqw-qv6w-zugt

vulnerability	VCID-bpmw-qhm1-audu

vulnerability	VCID-ckw2-w524-k3gz

vulnerability	VCID-d9ga-c25d-mfg5

vulnerability	VCID-f3xd-54ke-1bf6

vulnerability	VCID-hq12-wrsv-qffj

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-m85g-54qv-h3at

vulnerability	VCID-m93b-k4b2-zye1

vulnerability	VCID-np35-vr8e-wqa9

vulnerability	VCID-ptkv-jw36-cbar

vulnerability	VCID-rnuc-wtg3-r3cc

vulnerability	VCID-td6h-jus8-vfe9

vulnerability	VCID-wrwt-qqrc-s7at

vulnerability	VCID-yqjj-75r1-b3ht

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-7%252Bsqueeze1

url pkg:deb/debian/jasper@1.900.1-7%2Bsqueeze4

purl pkg:deb/debian/jasper@1.900.1-7%2Bsqueeze4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3m5a-x31m-wqhs

vulnerability	VCID-6qcp-9kba-1khz

vulnerability	VCID-9hdt-gf9q-skh8

vulnerability	VCID-9kqw-qv6w-zugt

vulnerability	VCID-bpmw-qhm1-audu

vulnerability	VCID-ckw2-w524-k3gz

vulnerability	VCID-d9ga-c25d-mfg5

vulnerability	VCID-f3xd-54ke-1bf6

vulnerability	VCID-hq12-wrsv-qffj

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-m85g-54qv-h3at

vulnerability	VCID-m93b-k4b2-zye1

vulnerability	VCID-np35-vr8e-wqa9

vulnerability	VCID-ptkv-jw36-cbar

vulnerability	VCID-rnuc-wtg3-r3cc

vulnerability	VCID-td6h-jus8-vfe9

vulnerability	VCID-wrwt-qqrc-s7at

vulnerability	VCID-yqjj-75r1-b3ht

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-7%252Bsqueeze4

url pkg:deb/debian/jasper@1.900.1-13%2Bdeb7u4

purl pkg:deb/debian/jasper@1.900.1-13%2Bdeb7u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3m5a-x31m-wqhs

vulnerability	VCID-6qcp-9kba-1khz

vulnerability	VCID-9hdt-gf9q-skh8

vulnerability	VCID-bpmw-qhm1-audu

vulnerability	VCID-d9ga-c25d-mfg5

vulnerability	VCID-hq12-wrsv-qffj

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-m93b-k4b2-zye1

vulnerability	VCID-np35-vr8e-wqa9

vulnerability	VCID-ptkv-jw36-cbar

vulnerability	VCID-rnuc-wtg3-r3cc

vulnerability	VCID-td6h-jus8-vfe9

vulnerability	VCID-wrwt-qqrc-s7at

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-13%252Bdeb7u4

url pkg:deb/debian/jasper@1.900.1-debian1-2.4

purl pkg:deb/debian/jasper@1.900.1-debian1-2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3m5a-x31m-wqhs

vulnerability	VCID-6qcp-9kba-1khz

vulnerability	VCID-9hdt-gf9q-skh8

vulnerability	VCID-bpmw-qhm1-audu

vulnerability	VCID-d9ga-c25d-mfg5

vulnerability	VCID-hq12-wrsv-qffj

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-m93b-k4b2-zye1

vulnerability	VCID-np35-vr8e-wqa9

vulnerability	VCID-ptkv-jw36-cbar

vulnerability	VCID-rnuc-wtg3-r3cc

vulnerability	VCID-td6h-jus8-vfe9

vulnerability	VCID-wrwt-qqrc-s7at

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-debian1-2.4

url pkg:rpm/redhat/jasper@1.900.1-21?arch=el6_9

purl pkg:rpm/redhat/jasper@1.900.1-21?arch=el6_9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mns-2axr-w3a1

vulnerability	VCID-3m5a-x31m-wqhs

vulnerability	VCID-6qcp-9kba-1khz

vulnerability	VCID-7m7h-qxef-xfec

vulnerability	VCID-87vn-adcw-37bh

vulnerability	VCID-9cz2-djvk-quc6

vulnerability	VCID-9hdt-gf9q-skh8

vulnerability	VCID-aehh-ywwn-byee

vulnerability	VCID-bpmw-qhm1-audu

vulnerability	VCID-cs69-t6yr-zubs

vulnerability	VCID-d8pr-auwp-x7gd

vulnerability	VCID-d9ga-c25d-mfg5

vulnerability	VCID-dfkc-hyp3-6kbd

vulnerability	VCID-fjpb-8pyh-67cb

vulnerability	VCID-grw9-sn4c-57aj

vulnerability	VCID-hc16-adzw-5fbz

vulnerability	VCID-hdut-23jk-nfc5

vulnerability	VCID-hmxs-jxny-j7bg

vulnerability	VCID-hq12-wrsv-qffj

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-kucv-63eu-cueq

vulnerability	VCID-m93b-k4b2-zye1

vulnerability	VCID-np35-vr8e-wqa9

vulnerability	VCID-nwcp-qs7v-nfaa

vulnerability	VCID-ptkv-jw36-cbar

vulnerability	VCID-rnuc-wtg3-r3cc

vulnerability	VCID-wpup-kuqp-fbeb

vulnerability	VCID-wrwt-qqrc-s7at

vulnerability	VCID-ykxn-bbsr-nycu

vulnerability	VCID-zhwp-sauu-b3g6

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-21%3Farch=el6_9

url pkg:rpm/redhat/jasper@1.900.1-30?arch=el7_3

purl pkg:rpm/redhat/jasper@1.900.1-30?arch=el7_3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1mns-2axr-w3a1

vulnerability	VCID-3m5a-x31m-wqhs

vulnerability	VCID-6qcp-9kba-1khz

vulnerability	VCID-7m7h-qxef-xfec

vulnerability	VCID-87vn-adcw-37bh

vulnerability	VCID-9cz2-djvk-quc6

vulnerability	VCID-9hdt-gf9q-skh8

vulnerability	VCID-aehh-ywwn-byee

vulnerability	VCID-bpmw-qhm1-audu

vulnerability	VCID-cs69-t6yr-zubs

vulnerability	VCID-d8pr-auwp-x7gd

vulnerability	VCID-d9ga-c25d-mfg5

vulnerability	VCID-dfkc-hyp3-6kbd

vulnerability	VCID-fjpb-8pyh-67cb

vulnerability	VCID-grw9-sn4c-57aj

vulnerability	VCID-hc16-adzw-5fbz

vulnerability	VCID-hdut-23jk-nfc5

vulnerability	VCID-hmxs-jxny-j7bg

vulnerability	VCID-hq12-wrsv-qffj

vulnerability	VCID-k363-jg3m-1yhz

vulnerability	VCID-kucv-63eu-cueq

vulnerability	VCID-m93b-k4b2-zye1

vulnerability	VCID-np35-vr8e-wqa9

vulnerability	VCID-nwcp-qs7v-nfaa

vulnerability	VCID-ptkv-jw36-cbar

vulnerability	VCID-rnuc-wtg3-r3cc

vulnerability	VCID-wpup-kuqp-fbeb

vulnerability	VCID-wrwt-qqrc-s7at

vulnerability	VCID-ykxn-bbsr-nycu

vulnerability	VCID-zhwp-sauu-b3g6

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-30%3Farch=el7_3

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10249.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10249.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10249

reference_id

reference_type

scores

value	0.00539
scoring_system	epss
scoring_elements	0.67527
published_at	2026-04-01T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67629
published_at	2026-04-21T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67636
published_at	2026-04-12T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67604
published_at	2026-04-13T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67638
published_at	2026-04-16T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67563
published_at	2026-04-07T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67585
published_at	2026-04-04T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67614
published_at	2026-04-08T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.67627
published_at	2026-04-09T12:55:00Z

value	0.00539
scoring_system	epss
scoring_elements	0.6765
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10249

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388840
reference_id	1388840
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388840

reference_url

https://security.archlinux.org/AVG-207

reference_id

AVG-207

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-207

reference_url	https://access.redhat.com/errata/RHSA-2017:1208
reference_id	RHSA-2017:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1208

reference_url	https://usn.ubuntu.com/3295-1/
reference_id	USN-3295-1
reference_type
scores
url	https://usn.ubuntu.com/3295-1/

Weaknesses

cwe_id	190
name	Integer Overflow or Wraparound
description	The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

cwe_id	122
name	Heap-based Buffer Overflow
description	A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Exploits

Severity_range_score 5.1 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k363-jg3m-1yhz

Vulnerability Instance