{"url":"http://public2.vulnerablecode.io/api/packages/113214?format=json","purl":"pkg:rpm/redhat/jasper@1.900.1-21?arch=el6_9","type":"rpm","namespace":"redhat","name":"jasper","version":"1.900.1-21","qualifiers":{"arch":"el6_9"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60603?format=json","vulnerability_id":"VCID-1mns-2axr-w3a1","summary":"Multiple vulnerabilities have been found in JasPer, the worst of\n    which could could allow an attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9262","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6265","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62805","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62786","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62806","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62823","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62821","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62708","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6274","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62704","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62755","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62772","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6278","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62757","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62798","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9262"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/634ce8e8a5accc0fa05dd2c20d42b4749d4b2735","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/634ce8e8a5accc0fa05dd2c20d42b4749d4b2735"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/10/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/10/4"},{"reference_url":"http://www.securityfocus.com/bid/94224","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94224"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393882","reference_id":"1393882","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393882"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9262","reference_id":"CVE-2016-9262","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9262"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9262"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mns-2axr-w3a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81457?format=json","vulnerability_id":"VCID-3m5a-x31m-wqhs","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9560","reference_id":"","reference_type":"","scores":[{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59636","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59674","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59708","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59715","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59699","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59668","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60772","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60788","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60809","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60795","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60654","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60728","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60758","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60724","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398256","reference_id":"1398256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398256"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9560"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3m5a-x31m-wqhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81451?format=json","vulnerability_id":"VCID-6qcp-9kba-1khz","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1867","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67486","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67622","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67564","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67599","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6759","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67619","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67523","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67545","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67575","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67588","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67611","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67597","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2017/dsa-3785","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3785"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/13/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/13/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/13/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/13/6"},{"reference_url":"http://www.securityfocus.com/bid/81488","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81488"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298135","reference_id":"1298135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298135"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1867","reference_id":"CVE-2016-1867","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-1867"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qcp-9kba-1khz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84825?format=json","vulnerability_id":"VCID-7m7h-qxef-xfec","summary":"jasper: insufficient SIZ marker tilexoff and tileyoff checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9390.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9390","reference_id":"","reference_type":"","scores":[{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.6407","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64191","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.642","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64188","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64208","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64222","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64126","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64154","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64113","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64164","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64179","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64182","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64153","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64189","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9390"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94371","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396965","reference_id":"1396965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396965"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9390","reference_id":"CVE-2016-9390","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9390"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7m7h-qxef-xfec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84845?format=json","vulnerability_id":"VCID-87vn-adcw-37bh","summary":"jasper: missing jas_matrix_create() parameter checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8884","reference_id":"","reference_type":"","scores":[{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61029","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61124","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61167","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61182","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61175","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61134","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61101","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61148","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61164","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61184","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61171","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61151","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61192","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61198","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8884"},{"reference_url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/9"},{"reference_url":"http://www.securityfocus.com/bid/93834","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/93834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8884","reference_id":"CVE-2016-8884","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[],"aliases":["CVE-2016-8884"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87vn-adcw-37bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84846?format=json","vulnerability_id":"VCID-9cz2-djvk-quc6","summary":"jasper: missing jas_matrix_create() parameter checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8885","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.575","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57529","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57616","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57575","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57594","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57573","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57584","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5758","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57634","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57638","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57633","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57612","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57642","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8885"},{"reference_url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/9"},{"reference_url":"http://www.securityfocus.com/bid/93834","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/93834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8885","reference_id":"CVE-2016-8885","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[],"aliases":["CVE-2016-8885"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9cz2-djvk-quc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62585?format=json","vulnerability_id":"VCID-9hdt-gf9q-skh8","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00060.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00063.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2089","reference_id":"","reference_type":"","scores":[{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73401","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.7353","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73501","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73495","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73539","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73537","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73409","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73432","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73404","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73442","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73455","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73478","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73458","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.7345","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73493","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3508","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3508"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/28/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/28/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/28/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/28/6"},{"reference_url":"http://www.securityfocus.com/bid/83108","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/83108"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302636","reference_id":"1302636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302636"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2089","reference_id":"CVE-2016-2089","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-2089"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hdt-gf9q-skh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84823?format=json","vulnerability_id":"VCID-aehh-ywwn-byee","summary":"jasper: reachable assertions in RAS encoder/decoder","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9388","reference_id":"","reference_type":"","scores":[{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49648","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49585","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49743","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49714","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49704","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49713","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.4967","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49679","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49706","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49657","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49712","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49724","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49695","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49744","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9388"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94371","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396962","reference_id":"1396962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396962"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9388","reference_id":"CVE-2016-9388","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9388"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aehh-ywwn-byee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81452?format=json","vulnerability_id":"VCID-bpmw-qhm1-audu","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8654.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8654","reference_id":"","reference_type":"","scores":[{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46182","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46095","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46232","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46189","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46224","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46244","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46191","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46247","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46249","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46272","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46253","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.4631","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46306","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.4625","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1399167","reference_id":"1399167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1399167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8654"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bpmw-qhm1-audu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84693?format=json","vulnerability_id":"VCID-cs69-t6yr-zubs","summary":"jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9583.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9583","reference_id":"","reference_type":"","scores":[{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54785","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54801","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54882","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54857","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54855","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54879","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54848","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54898","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54895","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54908","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.5489","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54866","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54904","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54907","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54887","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.54862","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9583"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1405148","reference_id":"1405148","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1405148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[],"aliases":["CVE-2016-9583"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cs69-t6yr-zubs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84808?format=json","vulnerability_id":"VCID-d8pr-auwp-x7gd","summary":"jasper: insufficient SIZ marker segment data sanity checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9393.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9393.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9393","reference_id":"","reference_type":"","scores":[{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64704","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64831","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64843","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64856","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64852","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64756","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64747","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64797","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64828","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64817","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64789","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64827","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64837","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64824","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9393"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396972","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396972"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94377","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94377"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971","reference_id":"1396971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9393","reference_id":"CVE-2016-9393","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9393"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d8pr-auwp-x7gd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81455?format=json","vulnerability_id":"VCID-d9ga-c25d-mfg5","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8693","reference_id":"","reference_type":"","scores":[{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69794","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69807","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69822","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69798","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69846","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69862","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.6987","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69856","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69897","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69906","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69887","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69938","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69948","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.6995","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69925","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385507","reference_id":"1385507","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385507"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8693"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9ga-c25d-mfg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85551?format=json","vulnerability_id":"VCID-dfkc-hyp3-6kbd","summary":"jasper: use-after-free and double-free flaws in mif_process_cmpt()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5221","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45513","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50159","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50218","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50172","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50204","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50236","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50229","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50256","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.5023","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50219","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50264","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50265","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.5024","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50212","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5221"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1255710","reference_id":"1255710","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1255710"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2015-5221"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfkc-hyp3-6kbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84809?format=json","vulnerability_id":"VCID-fjpb-8pyh-67cb","summary":"jasper: insufficient SIZ marker segment data sanity checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9394.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9394.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9394","reference_id":"","reference_type":"","scores":[{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.6407","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64191","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.642","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64188","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64208","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64222","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64126","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64154","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64113","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64164","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64179","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64182","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64153","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64189","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9394"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396975","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396975"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94372","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94372"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971","reference_id":"1396971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9394","reference_id":"CVE-2016-9394","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9394"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fjpb-8pyh-67cb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84667?format=json","vulnerability_id":"VCID-grw9-sn4c-57aj","summary":"jasper: JP2 encoder NULL pointer dereference due to uninitialized cmprof_","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9600.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9600","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52758","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52751","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52844","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52806","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52807","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52819","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.5287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52839","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52876","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52883","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52866","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52834","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9600"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410026","reference_id":"1410026","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9600"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-grw9-sn4c-57aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60601?format=json","vulnerability_id":"VCID-hc16-adzw-5fbz","summary":"Multiple vulnerabilities have been found in JasPer, the worst of\n    which could could allow an attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5203","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63331","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63272","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69586","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69599","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69606","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69611","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69458","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69508","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69524","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69546","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69531","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69516","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69556","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69565","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5203"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1254242","reference_id":"1254242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1254242"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2015-5203"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hc16-adzw-5fbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84831?format=json","vulnerability_id":"VCID-hdut-23jk-nfc5","summary":"jasper: NULL pointer dereference in jpc_tsfb_synthesize()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10248.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10248.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10248","reference_id":"","reference_type":"","scores":[{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71033","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71169","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71181","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71184","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71042","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.7106","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71077","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.7109","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71113","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71098","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71082","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71128","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71135","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71115","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71172","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10248"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434447","reference_id":"1434447","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434447"},{"reference_url":"https://security.archlinux.org/AVG-207","reference_id":"AVG-207","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-10248"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hdut-23jk-nfc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84826?format=json","vulnerability_id":"VCID-hmxs-jxny-j7bg","summary":"jasper: integer overflow in jpc_dec_process_siz()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9387","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55848","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55868","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56025","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55999","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55925","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55945","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5592","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55959","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5601","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56013","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56024","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56003","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55986","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56022","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9387"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94374","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94374"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396959","reference_id":"1396959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396959"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9387","reference_id":"CVE-2016-9387","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9387"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmxs-jxny-j7bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62584?format=json","vulnerability_id":"VCID-hq12-wrsv-qffj","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1577","reference_id":"","reference_type":"","scores":[{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91894","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91958","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91951","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91949","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91945","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91902","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.9191","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91929","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91935","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91937","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91934","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91953","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.9195","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1577"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3508","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3508"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/03/12","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/03/03/12"},{"reference_url":"http://www.securityfocus.com/bid/84133","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84133"},{"reference_url":"http://www.ubuntu.com/usn/USN-2919-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2919-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314466","reference_id":"1314466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314466"},{"reference_url":"https://security.archlinux.org/AVG-88","reference_id":"AVG-88","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-88"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1577","reference_id":"CVE-2016-1577","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1577"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/2919-1/","reference_id":"USN-2919-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2919-1/"}],"fixed_packages":[],"aliases":["CVE-2016-1577"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hq12-wrsv-qffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81344?format=json","vulnerability_id":"VCID-k363-jg3m-1yhz","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10249.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10249.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10249","reference_id":"","reference_type":"","scores":[{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67527","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67637","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67649","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67659","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67662","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67563","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67585","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67614","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67627","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.6765","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67636","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67638","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67629","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388840","reference_id":"1388840","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388840"},{"reference_url":"https://security.archlinux.org/AVG-207","reference_id":"AVG-207","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-10249"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k363-jg3m-1yhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84807?format=json","vulnerability_id":"VCID-kucv-63eu-cueq","summary":"jasper: insufficient SIZ marker segment data sanity checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9392.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9392","reference_id":"","reference_type":"","scores":[{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64324","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64446","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64463","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64476","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64473","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64378","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64407","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64368","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64416","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64432","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64444","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64403","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64438","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64449","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64442","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9392"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94377","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94377"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971","reference_id":"1396971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9392","reference_id":"CVE-2016-9392","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9392"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kucv-63eu-cueq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81454?format=json","vulnerability_id":"VCID-m93b-k4b2-zye1","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8692","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64499","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.6462","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64645","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64643","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64553","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64582","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64539","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64604","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64621","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64616","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64613","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64633","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502","reference_id":"1385502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8692"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m93b-k4b2-zye1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62586?format=json","vulnerability_id":"VCID-np35-vr8e-wqa9","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2116","reference_id":"","reference_type":"","scores":[{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91658","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.9173","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91716","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91722","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91719","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91718","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91666","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91671","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.9168","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91693","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.917","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91703","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91706","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91702","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91723","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91715","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2116"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3508","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3508"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/03/12","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/03/03/12"},{"reference_url":"http://www.securityfocus.com/bid/84133","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84133"},{"reference_url":"http://www.ubuntu.com/usn/USN-2919-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2919-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314472","reference_id":"1314472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314472"},{"reference_url":"https://security.archlinux.org/AVG-88","reference_id":"AVG-88","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-88"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2116","reference_id":"CVE-2016-2116","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/2919-1/","reference_id":"USN-2919-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2919-1/"}],"fixed_packages":[],"aliases":["CVE-2016-2116"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-np35-vr8e-wqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84819?format=json","vulnerability_id":"VCID-nwcp-qs7v-nfaa","summary":"jasper: reachable assertions in the JPC bitstream code","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9391.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9391","reference_id":"","reference_type":"","scores":[{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.78996","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79135","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79101","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79107","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79122","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79029","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79013","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79038","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79044","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79068","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79054","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79072","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79069","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9391"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/1e84674d95353c64e5c4c0e7232ae86fd6ea813b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/1e84674d95353c64e5c4c0e7232ae86fd6ea813b"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94371","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396967","reference_id":"1396967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396967"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9391","reference_id":"CVE-2016-9391","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9391"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwcp-qs7v-nfaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81453?format=json","vulnerability_id":"VCID-ptkv-jw36-cbar","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8691","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64499","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.6462","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64645","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64643","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64553","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64582","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64539","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64604","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64621","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64616","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64613","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64633","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502","reference_id":"1385502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8691"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptkv-jw36-cbar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60604?format=json","vulnerability_id":"VCID-rnuc-wtg3-r3cc","summary":"Multiple vulnerabilities have been found in JasPer, the worst of\n    which could could allow an attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9591.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9591.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9591","reference_id":"","reference_type":"","scores":[{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.64917","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65042","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65063","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.6506","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.64967","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.64994","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.64957","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65006","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65021","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65038","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65028","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65037","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65047","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65032","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.6505","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406405","reference_id":"1406405","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406405"},{"reference_url":"https://security.archlinux.org/ASA-201703-9","reference_id":"ASA-201703-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-9"},{"reference_url":"https://security.archlinux.org/AVG-69","reference_id":"AVG-69","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-69"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9591"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rnuc-wtg3-r3cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84824?format=json","vulnerability_id":"VCID-wpup-kuqp-fbeb","summary":"jasper: reachable assertions caused by insufficient component domains checks in ICT/RCT in JPC codec","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9389.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9389","reference_id":"","reference_type":"","scores":[{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81805","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81969","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.8191","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81933","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81944","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81949","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81838","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81836","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81862","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81869","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81889","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81877","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81872","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.81908","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9389"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94371","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396963","reference_id":"1396963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396963"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9389","reference_id":"CVE-2016-9389","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9389"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpup-kuqp-fbeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81345?format=json","vulnerability_id":"VCID-wrwt-qqrc-s7at","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10251.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10251.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10251","reference_id":"","reference_type":"","scores":[{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.58971","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59034","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59088","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59075","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59046","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59068","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59033","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59084","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.5909","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59108","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59071","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59107","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59111","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59091","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434461","reference_id":"1434461","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434461"},{"reference_url":"https://security.archlinux.org/AVG-207","reference_id":"AVG-207","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-10251"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrwt-qqrc-s7at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84843?format=json","vulnerability_id":"VCID-ykxn-bbsr-nycu","summary":"jasper: reachable asserts in jpc_dec_tiledecode()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8883.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8883","reference_id":"","reference_type":"","scores":[{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59273","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59345","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59382","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59387","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59347","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59371","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59338","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59388","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59402","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59421","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59405","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59386","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59418","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59425","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59407","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8883"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388870","reference_id":"1388870","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8883"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ykxn-bbsr-nycu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84844?format=json","vulnerability_id":"VCID-zhwp-sauu-b3g6","summary":"jasper: missing jas_matrix_create() parameter checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8690","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61896","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62008","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62069","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62062","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61969","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61971","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6202","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62037","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62057","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62025","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62073","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62055","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62053","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8690"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[],"aliases":["CVE-2016-8690"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhwp-sauu-b3g6"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-21%3Farch=el6_9"}