{"url":"http://public2.vulnerablecode.io/api/packages/155125?format=json","purl":"pkg:rpm/redhat/jasper@1.900.1-30?arch=el7_3","type":"rpm","namespace":"redhat","name":"jasper","version":"1.900.1-30","qualifiers":{"arch":"el7_3"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112344?format=json","vulnerability_id":"VCID-1hnp-pddx-e3dv","summary":"jasper: reachable assertions caused by insufficient component domains checks in ICT/RCT in JPC codec","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9389.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9389","reference_id":"","reference_type":"","scores":[{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.82212","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01628","scoring_system":"epss","scoring_elements":"0.8224","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9389"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396963","reference_id":"1396963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9389"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hnp-pddx-e3dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112310?format=json","vulnerability_id":"VCID-269d-ukkx-5be1","summary":"jasper: insufficient SIZ marker segment data sanity checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9392.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9392","reference_id":"","reference_type":"","scores":[{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64759","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64801","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9392"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971","reference_id":"1396971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9392"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-269d-ukkx-5be1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4813?format=json","vulnerability_id":"VCID-2hsx-pkhc-83hm","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8690","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62346","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62393","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8690"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[],"aliases":["CVE-2016-8690"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2hsx-pkhc-83hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4802?format=json","vulnerability_id":"VCID-35h9-tgzm-nqgj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9560","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45989","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46058","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398256","reference_id":"1398256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398256"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9560"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35h9-tgzm-nqgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4670?format=json","vulnerability_id":"VCID-3a69-x6rk-abh5","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5221","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45785","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45854","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5221"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1255710","reference_id":"1255710","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1255710"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2015-5221"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3a69-x6rk-abh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4814?format=json","vulnerability_id":"VCID-3cev-b9pf-eqa9","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2089","reference_id":"","reference_type":"","scores":[{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73816","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73853","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302636","reference_id":"1302636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302636"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-2089"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3cev-b9pf-eqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4809?format=json","vulnerability_id":"VCID-43ye-nt3a-nbcx","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8884","reference_id":"","reference_type":"","scores":[{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61474","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61522","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[],"aliases":["CVE-2016-8884"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43ye-nt3a-nbcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112311?format=json","vulnerability_id":"VCID-4553-8upn-57ap","summary":"jasper: insufficient SIZ marker segment data sanity checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9393.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9393.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9393","reference_id":"","reference_type":"","scores":[{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65147","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.6519","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9393"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971","reference_id":"1396971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9393"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4553-8upn-57ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112235?format=json","vulnerability_id":"VCID-5x4z-q915-4uca","summary":"jasper: heap-based buffer overflow in QMFB code in JPC codec","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8654.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8654","reference_id":"","reference_type":"","scores":[{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30992","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31058","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1399167","reference_id":"1399167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1399167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8654"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5x4z-q915-4uca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6719?format=json","vulnerability_id":"VCID-5xrq-9s1s-bqd1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1577","reference_id":"","reference_type":"","scores":[{"value":"0.09811","scoring_system":"epss","scoring_elements":"0.93111","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09811","scoring_system":"epss","scoring_elements":"0.93122","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314466","reference_id":"1314466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314466"},{"reference_url":"https://security.archlinux.org/AVG-88","reference_id":"AVG-88","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/2919-1/","reference_id":"USN-2919-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2919-1/"}],"fixed_packages":[],"aliases":["CVE-2016-1577"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xrq-9s1s-bqd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6620?format=json","vulnerability_id":"VCID-6cmg-36hb-jyaj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10249.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10249.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10249","reference_id":"","reference_type":"","scores":[{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67948","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67987","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388840","reference_id":"1388840","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388840"},{"reference_url":"https://security.archlinux.org/AVG-207","reference_id":"AVG-207","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-10249"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6cmg-36hb-jyaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4810?format=json","vulnerability_id":"VCID-ag93-fc4f-rbau","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8693","reference_id":"","reference_type":"","scores":[{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70248","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.7029","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385507","reference_id":"1385507","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385507"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8693"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ag93-fc4f-rbau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6737?format=json","vulnerability_id":"VCID-amqe-dtc6-sff7","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9591.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9591.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9591","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51127","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51189","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406405","reference_id":"1406405","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406405"},{"reference_url":"https://security.archlinux.org/ASA-201703-9","reference_id":"ASA-201703-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-9"},{"reference_url":"https://security.archlinux.org/AVG-69","reference_id":"AVG-69","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-69"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9591"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-amqe-dtc6-sff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4811?format=json","vulnerability_id":"VCID-c8ht-bw6h-kyfz","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8692","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64939","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64982","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502","reference_id":"1385502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8692"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8ht-bw6h-kyfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4812?format=json","vulnerability_id":"VCID-cfs1-twuv-6bdd","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8691","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64939","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64982","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502","reference_id":"1385502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8691"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cfs1-twuv-6bdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112345?format=json","vulnerability_id":"VCID-d2sw-3wx3-93dq","summary":"jasper: insufficient SIZ marker tilexoff and tileyoff checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9390.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9390","reference_id":"","reference_type":"","scores":[{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64491","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64535","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9390"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396965","reference_id":"1396965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9390"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d2sw-3wx3-93dq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4804?format=json","vulnerability_id":"VCID-dnhz-hrtp-v3dx","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9388","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35203","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3531","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9388"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396962","reference_id":"1396962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396962"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9388"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dnhz-hrtp-v3dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6718?format=json","vulnerability_id":"VCID-fg7h-hmyh-n3b6","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2116","reference_id":"","reference_type":"","scores":[{"value":"0.0933","scoring_system":"epss","scoring_elements":"0.92914","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0933","scoring_system":"epss","scoring_elements":"0.92926","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314472","reference_id":"1314472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314472"},{"reference_url":"https://security.archlinux.org/AVG-88","reference_id":"AVG-88","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/2919-1/","reference_id":"USN-2919-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2919-1/"}],"fixed_packages":[],"aliases":["CVE-2016-2116"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fg7h-hmyh-n3b6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6619?format=json","vulnerability_id":"VCID-g3j4-t9zs-a7dk","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10251.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10251.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10251","reference_id":"","reference_type":"","scores":[{"value":"0.00414","scoring_system":"epss","scoring_elements":"0.61884","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00414","scoring_system":"epss","scoring_elements":"0.61933","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434461","reference_id":"1434461","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434461"},{"reference_url":"https://security.archlinux.org/AVG-207","reference_id":"AVG-207","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-10251"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3j4-t9zs-a7dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4806?format=json","vulnerability_id":"VCID-gaf1-dupx-bbad","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9262","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63091","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63135","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9262"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393882","reference_id":"1393882","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393882"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9262"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gaf1-dupx-bbad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6621?format=json","vulnerability_id":"VCID-gm8p-bwj3-hfa5","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10248.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10248.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10248","reference_id":"","reference_type":"","scores":[{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71484","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71528","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10248"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434447","reference_id":"1434447","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434447"},{"reference_url":"https://security.archlinux.org/AVG-207","reference_id":"AVG-207","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-10248"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gm8p-bwj3-hfa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4808?format=json","vulnerability_id":"VCID-ju5w-w2df-ebh2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8885","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57857","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57909","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8885"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[],"aliases":["CVE-2016-8885"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ju5w-w2df-ebh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112224?format=json","vulnerability_id":"VCID-jvzq-hp2p-tkgx","summary":"jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9583.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9583","reference_id":"","reference_type":"","scores":[{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55159","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55217","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9583"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1405148","reference_id":"1405148","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1405148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[],"aliases":["CVE-2016-9583"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvzq-hp2p-tkgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112154?format=json","vulnerability_id":"VCID-nahy-5pzp-t7du","summary":"jasper: JP2 encoder NULL pointer dereference due to uninitialized cmprof_","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9600.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9600","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36128","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36222","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9600"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410026","reference_id":"1410026","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9600"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nahy-5pzp-t7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4805?format=json","vulnerability_id":"VCID-q2aq-m9ct-bya8","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9387","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56225","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56281","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396959","reference_id":"1396959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396959"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9387"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q2aq-m9ct-bya8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112342?format=json","vulnerability_id":"VCID-qgup-zf5g-43gz","summary":"jasper: reachable assertions in the JPC bitstream code","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9391.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9391","reference_id":"","reference_type":"","scores":[{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79371","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01218","scoring_system":"epss","scoring_elements":"0.79398","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9391"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396967","reference_id":"1396967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9391"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgup-zf5g-43gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4669?format=json","vulnerability_id":"VCID-r477-2yb6-6kcg","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1867","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6791","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6795","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298135","reference_id":"1298135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298135"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[],"aliases":["CVE-2016-1867"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r477-2yb6-6kcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112312?format=json","vulnerability_id":"VCID-r48k-3p1p-53g5","summary":"jasper: insufficient SIZ marker segment data sanity checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9394.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9394.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9394","reference_id":"","reference_type":"","scores":[{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64491","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00461","scoring_system":"epss","scoring_elements":"0.64535","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9394"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971","reference_id":"1396971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9394"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r48k-3p1p-53g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112397?format=json","vulnerability_id":"VCID-wvzg-mu5e-wqdq","summary":"jasper: reachable asserts in jpc_dec_tiledecode()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8883.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8883","reference_id":"","reference_type":"","scores":[{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59677","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59727","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8883"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388870","reference_id":"1388870","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2016-8883"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvzg-mu5e-wqdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4816?format=json","vulnerability_id":"VCID-ywxr-sgh2-p7ar","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5203","reference_id":"","reference_type":"","scores":[{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69909","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69949","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5203"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1254242","reference_id":"1254242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1254242"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[],"aliases":["CVE-2015-5203"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ywxr-sgh2-p7ar"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-30%3Farch=el7_3"}