Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7m7h-qxef-xfec
Summaryjasper: insufficient SIZ marker tilexoff and tileyoff checks
Aliases
0
alias CVE-2016-9390
Fixed_packages
Affected_packages
0
url pkg:rpm/redhat/jasper@1.900.1-21?arch=el6_9
purl pkg:rpm/redhat/jasper@1.900.1-21?arch=el6_9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1mns-2axr-w3a1
1
vulnerability VCID-3m5a-x31m-wqhs
2
vulnerability VCID-6qcp-9kba-1khz
3
vulnerability VCID-7m7h-qxef-xfec
4
vulnerability VCID-87vn-adcw-37bh
5
vulnerability VCID-9cz2-djvk-quc6
6
vulnerability VCID-9hdt-gf9q-skh8
7
vulnerability VCID-aehh-ywwn-byee
8
vulnerability VCID-bpmw-qhm1-audu
9
vulnerability VCID-cs69-t6yr-zubs
10
vulnerability VCID-d8pr-auwp-x7gd
11
vulnerability VCID-d9ga-c25d-mfg5
12
vulnerability VCID-dfkc-hyp3-6kbd
13
vulnerability VCID-fjpb-8pyh-67cb
14
vulnerability VCID-grw9-sn4c-57aj
15
vulnerability VCID-hc16-adzw-5fbz
16
vulnerability VCID-hdut-23jk-nfc5
17
vulnerability VCID-hmxs-jxny-j7bg
18
vulnerability VCID-hq12-wrsv-qffj
19
vulnerability VCID-k363-jg3m-1yhz
20
vulnerability VCID-kucv-63eu-cueq
21
vulnerability VCID-m93b-k4b2-zye1
22
vulnerability VCID-np35-vr8e-wqa9
23
vulnerability VCID-nwcp-qs7v-nfaa
24
vulnerability VCID-ptkv-jw36-cbar
25
vulnerability VCID-rnuc-wtg3-r3cc
26
vulnerability VCID-wpup-kuqp-fbeb
27
vulnerability VCID-wrwt-qqrc-s7at
28
vulnerability VCID-ykxn-bbsr-nycu
29
vulnerability VCID-zhwp-sauu-b3g6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-21%3Farch=el6_9
1
url pkg:rpm/redhat/jasper@1.900.1-30?arch=el7_3
purl pkg:rpm/redhat/jasper@1.900.1-30?arch=el7_3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1mns-2axr-w3a1
1
vulnerability VCID-3m5a-x31m-wqhs
2
vulnerability VCID-6qcp-9kba-1khz
3
vulnerability VCID-7m7h-qxef-xfec
4
vulnerability VCID-87vn-adcw-37bh
5
vulnerability VCID-9cz2-djvk-quc6
6
vulnerability VCID-9hdt-gf9q-skh8
7
vulnerability VCID-aehh-ywwn-byee
8
vulnerability VCID-bpmw-qhm1-audu
9
vulnerability VCID-cs69-t6yr-zubs
10
vulnerability VCID-d8pr-auwp-x7gd
11
vulnerability VCID-d9ga-c25d-mfg5
12
vulnerability VCID-dfkc-hyp3-6kbd
13
vulnerability VCID-fjpb-8pyh-67cb
14
vulnerability VCID-grw9-sn4c-57aj
15
vulnerability VCID-hc16-adzw-5fbz
16
vulnerability VCID-hdut-23jk-nfc5
17
vulnerability VCID-hmxs-jxny-j7bg
18
vulnerability VCID-hq12-wrsv-qffj
19
vulnerability VCID-k363-jg3m-1yhz
20
vulnerability VCID-kucv-63eu-cueq
21
vulnerability VCID-m93b-k4b2-zye1
22
vulnerability VCID-np35-vr8e-wqa9
23
vulnerability VCID-nwcp-qs7v-nfaa
24
vulnerability VCID-ptkv-jw36-cbar
25
vulnerability VCID-rnuc-wtg3-r3cc
26
vulnerability VCID-wpup-kuqp-fbeb
27
vulnerability VCID-wrwt-qqrc-s7at
28
vulnerability VCID-ykxn-bbsr-nycu
29
vulnerability VCID-zhwp-sauu-b3g6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-30%3Farch=el7_3
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9390.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9390.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9390
reference_id
reference_type
scores
0
value 0.00461
scoring_system epss
scoring_elements 0.6407
published_at 2026-04-01T12:55:00Z
1
value 0.00461
scoring_system epss
scoring_elements 0.64188
published_at 2026-04-21T12:55:00Z
2
value 0.00461
scoring_system epss
scoring_elements 0.64182
published_at 2026-04-12T12:55:00Z
3
value 0.00461
scoring_system epss
scoring_elements 0.64153
published_at 2026-04-13T12:55:00Z
4
value 0.00461
scoring_system epss
scoring_elements 0.64189
published_at 2026-04-16T12:55:00Z
5
value 0.00461
scoring_system epss
scoring_elements 0.642
published_at 2026-04-18T12:55:00Z
6
value 0.00461
scoring_system epss
scoring_elements 0.64126
published_at 2026-04-02T12:55:00Z
7
value 0.00461
scoring_system epss
scoring_elements 0.64154
published_at 2026-04-04T12:55:00Z
8
value 0.00461
scoring_system epss
scoring_elements 0.64113
published_at 2026-04-07T12:55:00Z
9
value 0.00461
scoring_system epss
scoring_elements 0.64164
published_at 2026-04-08T12:55:00Z
10
value 0.00461
scoring_system epss
scoring_elements 0.64179
published_at 2026-04-09T12:55:00Z
11
value 0.00461
scoring_system epss
scoring_elements 0.64193
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9390
2
reference_url https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure
reference_id
reference_type
scores
url https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.9
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:N/I:N/A:P
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865
reference_id
reference_type
scores
url https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865
5
reference_url http://www.openwall.com/lists/oss-security/2016/11/17/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/11/17/1
6
reference_url http://www.securityfocus.com/bid/94371
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94371
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1396965
reference_id 1396965
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1396965
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9390
reference_id CVE-2016-9390
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9390
10
reference_url https://access.redhat.com/errata/RHSA-2017:1208
reference_id RHSA-2017:1208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1208
11
reference_url https://usn.ubuntu.com/3693-1/
reference_id USN-3693-1
reference_type
scores
url https://usn.ubuntu.com/3693-1/
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
1
cwe_id 617
name Reachable Assertion
description The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
Exploits
Severity_range_score1.9 - 5.5
Exploitability0.5
Weighted_severity5.0
Risk_score2.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7m7h-qxef-xfec