{"url":"http://public2.vulnerablecode.io/api/packages/371599?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.1-15","type":"alpm","namespace":"archlinux","name":"jasper","version":"1.900.1-15","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.900.5-1","latest_non_vulnerable_version":"2.0.28-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84837?format=json","vulnerability_id":"VCID-1e4z-zk1w-33fw","summary":"jasper: uninitialized pointer use in jp2_box_get()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8887.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8887.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8887","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4449","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44387","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44335","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44352","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44286","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44316","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4456","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44581","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4452","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4457","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44592","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44562","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44563","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44619","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44611","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44542","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44458","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44462","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44381","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44258","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8887"},{"reference_url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/e24bdc716c3327b067c551bc6cfb97fd2370358d","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/e24bdc716c3327b067c551bc6cfb97fd2370358d"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/6"},{"reference_url":"http://www.securityfocus.com/bid/93835","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/93835"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388828","reference_id":"1388828","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388828"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8887","reference_id":"CVE-2016-8887","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8887"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8887"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1e4z-zk1w-33fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60603?format=json","vulnerability_id":"VCID-1mns-2axr-w3a1","summary":"Multiple vulnerabilities have been found in JasPer, the worst of\n    which could could allow an attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9262","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6265","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62915","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62821","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62874","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62833","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6286","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62708","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6274","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62704","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62755","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62772","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6278","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62757","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62798","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62805","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62786","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62806","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62823","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9262"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/634ce8e8a5accc0fa05dd2c20d42b4749d4b2735","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/634ce8e8a5accc0fa05dd2c20d42b4749d4b2735"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/10/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/10/4"},{"reference_url":"http://www.securityfocus.com/bid/94224","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94224"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393882","reference_id":"1393882","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393882"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9262","reference_id":"CVE-2016-9262","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9262"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9262"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mns-2axr-w3a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48600?format=json","vulnerability_id":"VCID-273p-y942-ekes","summary":"Multiple memory management errors in JasPer could result in\n    execution of arbitrary code or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4517.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4517","reference_id":"","reference_type":"","scores":[{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97415","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97422","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97427","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97435","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.9744","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97448","published_at":"2026-04-16T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97453","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97451","published_at":"2026-04-24T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97455","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97459","published_at":"2026-05-05T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97462","published_at":"2026-05-07T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97466","published_at":"2026-05-09T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97468","published_at":"2026-05-11T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97474","published_at":"2026-05-12T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97483","published_at":"2026-05-14T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97426","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html","reference_id":"071458.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html","reference_id":"071561.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html"},{"reference_url":"http://secunia.com/advisories/47193","reference_id":"47193","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47193"},{"reference_url":"http://secunia.com/advisories/47306","reference_id":"47306","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47306"},{"reference_url":"http://secunia.com/advisories/47353","reference_id":"47353","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47353"},{"reference_url":"http://www.securityfocus.com/bid/50992","reference_id":"50992","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.securityfocus.com/bid/50992"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71701","reference_id":"71701","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71701"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726","reference_id":"747726","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726"},{"reference_url":"http://osvdb.org/77596","reference_id":"77596","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://osvdb.org/77596"},{"reference_url":"http://www.kb.cert.org/vuls/id/887409","reference_id":"887409","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.kb.cert.org/vuls/id/887409"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html","reference_id":"cpujan2012-366304.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"},{"reference_url":"http://www.debian.org/security/2011/dsa-2371","reference_id":"dsa-2371","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.debian.org/security/2011/dsa-2371"},{"reference_url":"https://security.gentoo.org/glsa/201201-10","reference_id":"GLSA-201201-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-10"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1807","reference_id":"RHSA-2011:1807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1807"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-1807.html","reference_id":"RHSA-2011-1807.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2011-1807.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1811","reference_id":"RHSA-2011:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1811"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-1811.html","reference_id":"RHSA-2011-1811.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2011-1811.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1315-1/","reference_id":"USN-1315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1315-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-1315-1","reference_id":"USN-1315-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.ubuntu.com/usn/USN-1315-1"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2011-4517"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-273p-y942-ekes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48599?format=json","vulnerability_id":"VCID-2hkv-yn4v-6kcy","summary":"Multiple memory management errors in JasPer could result in\n    execution of arbitrary code or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4516.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4516.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4516","reference_id":"","reference_type":"","scores":[{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97745","published_at":"2026-05-14T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.9769","published_at":"2026-04-01T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97696","published_at":"2026-04-02T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97698","published_at":"2026-04-04T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97697","published_at":"2026-04-07T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97702","published_at":"2026-04-08T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97705","published_at":"2026-04-09T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.9771","published_at":"2026-04-12T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97712","published_at":"2026-04-13T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97717","published_at":"2026-04-16T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97721","published_at":"2026-04-26T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.9772","published_at":"2026-04-24T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97726","published_at":"2026-04-29T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97729","published_at":"2026-05-05T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97731","published_at":"2026-05-07T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97733","published_at":"2026-05-11T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97738","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4516"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726","reference_id":"747726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201201-10","reference_id":"GLSA-201201-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1807","reference_id":"RHSA-2011:1807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1811","reference_id":"RHSA-2011:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1315-1/","reference_id":"USN-1315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1315-1/"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2011-4516"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2hkv-yn4v-6kcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81457?format=json","vulnerability_id":"VCID-3m5a-x31m-wqhs","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9560","reference_id":"","reference_type":"","scores":[{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59796","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59674","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59708","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59715","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59699","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59668","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59636","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59683","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59742","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.597","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59728","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60654","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60788","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60809","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60795","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60728","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60758","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60772","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398256","reference_id":"1398256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398256"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9560"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3m5a-x31m-wqhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81451?format=json","vulnerability_id":"VCID-6qcp-9kba-1khz","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1867","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67486","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67734","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67622","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67679","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6765","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67675","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67523","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67545","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67575","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67588","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67611","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67597","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67564","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67599","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6759","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67619","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2017/dsa-3785","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3785"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/13/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/13/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/13/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/13/6"},{"reference_url":"http://www.securityfocus.com/bid/81488","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81488"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298135","reference_id":"1298135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298135"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1867","reference_id":"CVE-2016-1867","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2016-1867"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qcp-9kba-1khz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84845?format=json","vulnerability_id":"VCID-87vn-adcw-37bh","summary":"jasper: missing jas_matrix_create() parameter checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8884","reference_id":"","reference_type":"","scores":[{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61029","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61278","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61173","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61232","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61194","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61221","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61134","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61101","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61148","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61164","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61184","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61171","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61151","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61192","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61198","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61167","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61182","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61175","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61124","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8884"},{"reference_url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/5d66894d2313e3f3469f19066e149e08ff076698"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/9"},{"reference_url":"http://www.securityfocus.com/bid/93834","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/93834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8884","reference_id":"CVE-2016-8884","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8884"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87vn-adcw-37bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48761?format=json","vulnerability_id":"VCID-932v-xwug-nbfy","summary":"Multiple memory management errors in JasPer might lead to execution of\n    arbitrary code via jpeg2k files.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=222819","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=222819"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3520.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3520.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3520","reference_id":"","reference_type":"","scores":[{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86696","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86664","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86501","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86511","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.8653","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86528","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86548","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86558","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86573","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86569","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86563","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86576","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86581","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86574","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86592","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86601","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86599","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86621","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86639","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86656","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02999","scoring_system":"epss","scoring_elements":"0.86652","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520"},{"reference_url":"http://secunia.com/advisories/33173","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33173"},{"reference_url":"http://secunia.com/advisories/34391","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34391"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-18.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-18.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45621","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45621"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10141","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:144","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:164","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-0012.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-0012.html"},{"reference_url":"http://www.securityfocus.com/bid/31470","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31470"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606"},{"reference_url":"http://www.ubuntu.com/usn/USN-742-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-742-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=461476","reference_id":"461476","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=461476"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778","reference_id":"559778","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3520","reference_id":"CVE-2008-3520","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3520"},{"reference_url":"https://security.gentoo.org/glsa/200812-18","reference_id":"GLSA-200812-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0012","reference_id":"RHSA-2009:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"},{"reference_url":"https://usn.ubuntu.com/742-1/","reference_id":"USN-742-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/742-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2008-3520"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-932v-xwug-nbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84846?format=json","vulnerability_id":"VCID-9cz2-djvk-quc6","summary":"jasper: missing jas_matrix_create() parameter checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8885","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.575","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5768","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57529","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57637","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57586","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57613","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57584","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5758","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57634","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57638","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57633","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57612","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57642","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57616","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57575","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57594","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57573","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8885"},{"reference_url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/23/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/23/9"},{"reference_url":"http://www.securityfocus.com/bid/93834","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/93834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8885","reference_id":"CVE-2016-8885","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8885"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9cz2-djvk-quc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62585?format=json","vulnerability_id":"VCID-9hdt-gf9q-skh8","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00060.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00063.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2089","reference_id":"","reference_type":"","scores":[{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73401","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73619","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73537","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.7353","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73555","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73579","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73561","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73409","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73432","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73404","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73442","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73455","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73478","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73458","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.7345","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73493","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73501","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73495","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73539","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3508","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3508"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/28/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/28/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/28/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/28/6"},{"reference_url":"http://www.securityfocus.com/bid/83108","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/83108"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302636","reference_id":"1302636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302636"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2089","reference_id":"CVE-2016-2089","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-2089"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hdt-gf9q-skh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58477?format=json","vulnerability_id":"VCID-9kqw-qv6w-zugt","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0514.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0514.html"},{"reference_url":"http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-2021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-2021.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9029.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9029","reference_id":"","reference_type":"","scores":[{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96919","published_at":"2026-05-14T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96908","published_at":"2026-05-12T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96835","published_at":"2026-04-01T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96842","published_at":"2026-04-02T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96844","published_at":"2026-04-04T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96848","published_at":"2026-04-07T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96857","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96858","published_at":"2026-04-09T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96861","published_at":"2026-04-11T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96862","published_at":"2026-04-12T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96863","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.9687","published_at":"2026-04-16T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96874","published_at":"2026-04-18T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96876","published_at":"2026-04-21T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96877","published_at":"2026-04-24T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96879","published_at":"2026-04-26T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96883","published_at":"2026-04-29T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.9689","published_at":"2026-05-05T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96894","published_at":"2026-05-07T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.969","published_at":"2026-05-09T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96903","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029"},{"reference_url":"http://secunia.com/advisories/61747","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61747"},{"reference_url":"http://secunia.com/advisories/62828","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62828"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/99125","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/99125"},{"reference_url":"http://www.debian.org/security/2014/dsa-3089","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-3089"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:247","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:247"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:159","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:159"},{"reference_url":"http://www.ocert.org/advisories/ocert-2014-009.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.ocert.org/advisories/ocert-2014-009.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/12/04/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/12/04/9"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.securityfocus.com/archive/1/534153/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/534153/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/71476","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71476"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606"},{"reference_url":"http://www.ubuntu.com/usn/USN-2434-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2434-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2434-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2434-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1167537","reference_id":"1167537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1167537"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9029","reference_id":"CVE-2014-9029","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9029"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2021","reference_id":"RHSA-2014:2021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/2434-1/","reference_id":"USN-2434-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2434-1/"},{"reference_url":"https://usn.ubuntu.com/2434-2/","reference_id":"USN-2434-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2434-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-9029"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9kqw-qv6w-zugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84823?format=json","vulnerability_id":"VCID-aehh-ywwn-byee","summary":"jasper: reachable assertions in RAS encoder/decoder","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9388","reference_id":"","reference_type":"","scores":[{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49648","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49719","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49585","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49644","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49671","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49619","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49647","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49679","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49706","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49657","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49712","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49724","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49695","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49744","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49743","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49714","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49704","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49713","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.4967","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9388"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94371","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396962","reference_id":"1396962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396962"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9388","reference_id":"CVE-2016-9388","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9388"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aehh-ywwn-byee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58081?format=json","vulnerability_id":"VCID-ckw2-w524-k3gz","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0539.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0539.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00013.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00017.html"},{"reference_url":"http://packetstormsecurity.com/files/129660/JasPer-1.900.1-Double-Free-Heap-Overflow.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/129660/JasPer-1.900.1-Double-Free-Heap-Overflow.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-2021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-2021.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1713.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1713.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8138.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8138","reference_id":"","reference_type":"","scores":[{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.9068","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90666","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90549","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90559","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90567","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90586","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90595","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90589","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90608","published_at":"2026-04-16T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90605","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90602","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90617","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90618","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90614","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90627","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90646","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90659","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90656","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138"},{"reference_url":"http://secunia.com/advisories/61747","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61747"},{"reference_url":"http://secunia.com/advisories/62311","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62311"},{"reference_url":"http://secunia.com/advisories/62615","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62615"},{"reference_url":"http://secunia.com/advisories/62619","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62619"},{"reference_url":"https://www.ocert.org/advisories/ocert-2014-012.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.ocert.org/advisories/ocert-2014-012.html"},{"reference_url":"http://www.debian.org/security/2014/dsa-3106","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-3106"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:012","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:012"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:159","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:159"},{"reference_url":"http://www.securityfocus.com/bid/71746","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71746"},{"reference_url":"http://www.securitytracker.com/id/1033459","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1033459"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606"},{"reference_url":"http://www.ubuntu.com/usn/USN-2483-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2483-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2483-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2483-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173162","reference_id":"1173162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173162"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8138","reference_id":"CVE-2014-8138","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8138"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2021","reference_id":"RHSA-2014:2021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1713","reference_id":"RHSA-2015:1713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1713"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-8138"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ckw2-w524-k3gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81455?format=json","vulnerability_id":"VCID-d9ga-c25d-mfg5","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8693","reference_id":"","reference_type":"","scores":[{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69794","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69807","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69822","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69798","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69846","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69862","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.6987","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69856","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69897","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69906","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69887","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69938","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69948","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.6995","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69925","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69968","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69998","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69967","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.69994","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70042","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385507","reference_id":"1385507","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385507"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8693"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9ga-c25d-mfg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85551?format=json","vulnerability_id":"VCID-dfkc-hyp3-6kbd","summary":"jasper: use-after-free and double-free flaws in mif_process_cmpt()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5221","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45633","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45513","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45576","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45594","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45536","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45562","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50229","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50256","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.5023","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50219","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50264","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50265","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.5024","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50212","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50218","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50172","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50159","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50236","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50204","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5221"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1255710","reference_id":"1255710","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1255710"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2015-5221"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfkc-hyp3-6kbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58080?format=json","vulnerability_id":"VCID-f3xd-54ke-1bf6","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0539.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0539.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00013.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-01/msg00017.html"},{"reference_url":"http://packetstormsecurity.com/files/129660/JasPer-1.900.1-Double-Free-Heap-Overflow.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/129660/JasPer-1.900.1-Double-Free-Heap-Overflow.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-2021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-2021.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1713.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1713.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8137.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8137","reference_id":"","reference_type":"","scores":[{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96833","published_at":"2026-05-14T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96824","published_at":"2026-05-12T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96753","published_at":"2026-04-01T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96762","published_at":"2026-04-02T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96764","published_at":"2026-04-04T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96769","published_at":"2026-04-07T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96776","published_at":"2026-04-08T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96777","published_at":"2026-04-09T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.9678","published_at":"2026-04-12T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96782","published_at":"2026-04-13T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96788","published_at":"2026-04-16T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96793","published_at":"2026-04-18T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96796","published_at":"2026-04-26T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96795","published_at":"2026-04-24T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96798","published_at":"2026-04-29T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96807","published_at":"2026-05-05T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96811","published_at":"2026-05-07T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96816","published_at":"2026-05-09T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96818","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138"},{"reference_url":"http://secunia.com/advisories/61747","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61747"},{"reference_url":"http://secunia.com/advisories/62311","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62311"},{"reference_url":"http://secunia.com/advisories/62615","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62615"},{"reference_url":"http://secunia.com/advisories/62619","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62619"},{"reference_url":"https://www.ocert.org/advisories/ocert-2014-012.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.ocert.org/advisories/ocert-2014-012.html"},{"reference_url":"http://www.debian.org/security/2014/dsa-3106","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-3106"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:012","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:012"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:159","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:159"},{"reference_url":"http://www.securityfocus.com/bid/71742","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71742"},{"reference_url":"http://www.securitytracker.com/id/1033459","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1033459"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606"},{"reference_url":"http://www.ubuntu.com/usn/USN-2483-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2483-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2483-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2483-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173157","reference_id":"1173157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173157"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8137","reference_id":"CVE-2014-8137","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8137"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2021","reference_id":"RHSA-2014:2021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1713","reference_id":"RHSA-2015:1713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1713"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-8137"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f3xd-54ke-1bf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60601?format=json","vulnerability_id":"VCID-hc16-adzw-5fbz","summary":"Multiple vulnerabilities have been found in JasPer, the worst of\n    which could could allow an attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5203","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63331","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63272","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69707","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69663","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69633","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69659","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69458","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69508","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69524","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69546","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69531","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69516","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69556","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69565","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69599","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69606","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69611","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69586","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69628","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5203"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1254242","reference_id":"1254242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1254242"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2015-5203"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hc16-adzw-5fbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84826?format=json","vulnerability_id":"VCID-hmxs-jxny-j7bg","summary":"jasper: integer overflow in jpc_dec_process_siz()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9387","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55848","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56007","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55868","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55915","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55975","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55926","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5595","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55959","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5601","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56013","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56024","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56003","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55986","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56022","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56025","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55999","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55925","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55945","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5592","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9387"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/17/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/17/1"},{"reference_url":"http://www.securityfocus.com/bid/94374","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94374"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396959","reference_id":"1396959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396959"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9387","reference_id":"CVE-2016-9387","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9387"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmxs-jxny-j7bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60602?format=json","vulnerability_id":"VCID-hz9e-rv14-wfhm","summary":"Multiple vulnerabilities have been found in JasPer, the worst of\n    which could could allow an attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8751.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8751","reference_id":"","reference_type":"","scores":[{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75195","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.7497","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.74973","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75002","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.74978","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75012","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75024","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75045","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75049","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75057","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75085","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.7509","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75093","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75101","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75128","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75153","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75133","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75142","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1296949","reference_id":"1296949","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1296949"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2015-8751"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hz9e-rv14-wfhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58082?format=json","vulnerability_id":"VCID-m85g-54qv-h3at","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8157.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8157.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8157","reference_id":"","reference_type":"","scores":[{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90614","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90486","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.9049","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90501","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90507","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90519","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90525","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90533","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90527","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90545","published_at":"2026-04-16T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90544","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90543","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90558","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90557","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90554","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90565","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90582","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90594","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90591","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.906","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179282","reference_id":"1179282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179282"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0074","reference_id":"RHSA-2015:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-8157"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m85g-54qv-h3at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81454?format=json","vulnerability_id":"VCID-m93b-k4b2-zye1","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8692","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64499","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64761","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64684","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64706","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64553","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64582","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64539","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64604","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64621","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64616","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64613","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64633","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64645","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64643","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.6462","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64669","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64712","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502","reference_id":"1385502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8692"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m93b-k4b2-zye1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84778?format=json","vulnerability_id":"VCID-p4ue-y733-1ubd","summary":"jasper: signed integer overflow in jas_image_create()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9557.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9557.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9557","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29774","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29336","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29299","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29314","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29236","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29256","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29821","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29868","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29683","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29745","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29781","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29785","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2974","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2969","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29708","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29685","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29642","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29561","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29448","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29386","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29239","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9557"},{"reference_url":"https://blogs.gentoo.org/ago/2016/11/19/jasper-signed-integer-overflow-in-jas_image-c","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2016/11/19/jasper-signed-integer-overflow-in-jas_image-c"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/11/23/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/11/23/2"},{"reference_url":"http://www.securityfocus.com/bid/94490","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94490"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398251","reference_id":"1398251","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398251"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9557","reference_id":"CVE-2016-9557","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9557"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9557"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p4ue-y733-1ubd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81453?format=json","vulnerability_id":"VCID-ptkv-jw36-cbar","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8691","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64499","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64761","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64684","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64706","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64553","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64582","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64539","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64604","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64621","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64616","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64613","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64633","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64645","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64643","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.6462","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64669","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64712","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502","reference_id":"1385502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8691"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptkv-jw36-cbar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48762?format=json","vulnerability_id":"VCID-tqtm-achn-z3fg","summary":"Multiple memory management errors in JasPer might lead to execution of\n    arbitrary code via jpeg2k files.","references":[{"reference_url":"http://bugs.gentoo.org/attachment.cgi?id=163282&action=view","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/attachment.cgi?id=163282&action=view"},{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=222819","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=222819"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3522.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3522.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3522","reference_id":"","reference_type":"","scores":[{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.889","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88883","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88753","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88762","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88777","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88779","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88796","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88801","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88813","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88822","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.8882","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88817","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88833","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88838","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88848","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88865","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88877","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.88872","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522"},{"reference_url":"http://secunia.com/advisories/33173","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33173"},{"reference_url":"http://secunia.com/advisories/34391","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34391"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-18.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-18.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45623","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45623"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:142"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:144","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:144"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:164","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:164"},{"reference_url":"http://www.securityfocus.com/bid/31470","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31470"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606"},{"reference_url":"http://www.ubuntu.com/usn/USN-742-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-742-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=461478","reference_id":"461478","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=461478"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778","reference_id":"559778","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:enterprise_virtualization:3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:enterprise_virtualization:3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:enterprise_virtualization:3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3522","reference_id":"CVE-2008-3522","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3522"},{"reference_url":"https://security.gentoo.org/glsa/200812-18","reference_id":"GLSA-200812-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"},{"reference_url":"https://usn.ubuntu.com/742-1/","reference_id":"USN-742-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/742-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2008-3522"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqtm-achn-z3fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58083?format=json","vulnerability_id":"VCID-yqjj-75r1-b3ht","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8158.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8158","reference_id":"","reference_type":"","scores":[{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90975","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90827","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90843","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90854","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90865","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90872","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.9088","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90879","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90904","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90902","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90903","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90916","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90914","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90912","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90927","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90944","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90957","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90955","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06219","scoring_system":"epss","scoring_elements":"0.90965","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179298","reference_id":"1179298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179298"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0074","reference_id":"RHSA-2015:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-8158"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqjj-75r1-b3ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84844?format=json","vulnerability_id":"VCID-zhwp-sauu-b3g6","summary":"jasper: missing jas_matrix_create() parameter checks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8690","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61896","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62154","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62074","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62101","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61969","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62001","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61971","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6202","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62037","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62057","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62025","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62068","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62073","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62055","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62053","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62069","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62062","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62008","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62058","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62118","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8690"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371631?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8690"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhwp-sauu-b3g6"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62584?format=json","vulnerability_id":"VCID-hq12-wrsv-qffj","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1577","reference_id":"","reference_type":"","scores":[{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91894","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91937","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91945","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91958","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91971","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91981","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91988","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91902","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.9191","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91929","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91935","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91934","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91953","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.9195","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91951","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07729","scoring_system":"epss","scoring_elements":"0.91949","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09811","scoring_system":"epss","scoring_elements":"0.93054","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1577"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3508","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3508"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/03/12","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/03/03/12"},{"reference_url":"http://www.securityfocus.com/bid/84133","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84133"},{"reference_url":"http://www.ubuntu.com/usn/USN-2919-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2919-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314466","reference_id":"1314466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314466"},{"reference_url":"https://security.archlinux.org/AVG-88","reference_id":"AVG-88","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-88"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1577","reference_id":"CVE-2016-1577","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1577"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/2919-1/","reference_id":"USN-2919-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2919-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371599?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.1-15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4z-zk1w-33fw"},{"vulnerability":"VCID-1mns-2axr-w3a1"},{"vulnerability":"VCID-273p-y942-ekes"},{"vulnerability":"VCID-2hkv-yn4v-6kcy"},{"vulnerability":"VCID-3m5a-x31m-wqhs"},{"vulnerability":"VCID-6qcp-9kba-1khz"},{"vulnerability":"VCID-87vn-adcw-37bh"},{"vulnerability":"VCID-932v-xwug-nbfy"},{"vulnerability":"VCID-9cz2-djvk-quc6"},{"vulnerability":"VCID-9hdt-gf9q-skh8"},{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-aehh-ywwn-byee"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-d9ga-c25d-mfg5"},{"vulnerability":"VCID-dfkc-hyp3-6kbd"},{"vulnerability":"VCID-f3xd-54ke-1bf6"},{"vulnerability":"VCID-hc16-adzw-5fbz"},{"vulnerability":"VCID-hmxs-jxny-j7bg"},{"vulnerability":"VCID-hz9e-rv14-wfhm"},{"vulnerability":"VCID-m85g-54qv-h3at"},{"vulnerability":"VCID-m93b-k4b2-zye1"},{"vulnerability":"VCID-p4ue-y733-1ubd"},{"vulnerability":"VCID-ptkv-jw36-cbar"},{"vulnerability":"VCID-tqtm-achn-z3fg"},{"vulnerability":"VCID-yqjj-75r1-b3ht"},{"vulnerability":"VCID-zhwp-sauu-b3g6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.1-15"}],"aliases":["CVE-2016-1577"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hq12-wrsv-qffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62586?format=json","vulnerability_id":"VCID-np35-vr8e-wqa9","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2116","reference_id":"","reference_type":"","scores":[{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91658","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91702","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.9173","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91743","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91752","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91751","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.9176","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91666","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91671","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.9168","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91693","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.917","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91703","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91706","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91723","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91715","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91716","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91722","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91719","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0734","scoring_system":"epss","scoring_elements":"0.91718","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0933","scoring_system":"epss","scoring_elements":"0.92847","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2116"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3508","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3508"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/03/12","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/03/03/12"},{"reference_url":"http://www.securityfocus.com/bid/84133","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84133"},{"reference_url":"http://www.ubuntu.com/usn/USN-2919-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2919-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314472","reference_id":"1314472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314472"},{"reference_url":"https://security.archlinux.org/AVG-88","reference_id":"AVG-88","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-88"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2116","reference_id":"CVE-2016-2116","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/2919-1/","reference_id":"USN-2919-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2919-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371599?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.1-15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4z-zk1w-33fw"},{"vulnerability":"VCID-1mns-2axr-w3a1"},{"vulnerability":"VCID-273p-y942-ekes"},{"vulnerability":"VCID-2hkv-yn4v-6kcy"},{"vulnerability":"VCID-3m5a-x31m-wqhs"},{"vulnerability":"VCID-6qcp-9kba-1khz"},{"vulnerability":"VCID-87vn-adcw-37bh"},{"vulnerability":"VCID-932v-xwug-nbfy"},{"vulnerability":"VCID-9cz2-djvk-quc6"},{"vulnerability":"VCID-9hdt-gf9q-skh8"},{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-aehh-ywwn-byee"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-d9ga-c25d-mfg5"},{"vulnerability":"VCID-dfkc-hyp3-6kbd"},{"vulnerability":"VCID-f3xd-54ke-1bf6"},{"vulnerability":"VCID-hc16-adzw-5fbz"},{"vulnerability":"VCID-hmxs-jxny-j7bg"},{"vulnerability":"VCID-hz9e-rv14-wfhm"},{"vulnerability":"VCID-m85g-54qv-h3at"},{"vulnerability":"VCID-m93b-k4b2-zye1"},{"vulnerability":"VCID-p4ue-y733-1ubd"},{"vulnerability":"VCID-ptkv-jw36-cbar"},{"vulnerability":"VCID-tqtm-achn-z3fg"},{"vulnerability":"VCID-yqjj-75r1-b3ht"},{"vulnerability":"VCID-zhwp-sauu-b3g6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.1-15"}],"aliases":["CVE-2016-2116"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-np35-vr8e-wqa9"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.1-15"}