{"url":"http://public2.vulnerablecode.io/api/packages/9190?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.1-15","type":"alpm","namespace":"archlinux","name":"jasper","version":"1.900.1-15","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.900.5-1","latest_non_vulnerable_version":"2.0.28-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2097?format=json","vulnerability_id":"VCID-121r-bptp-sbee","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9388","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3531","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35489","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9388"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396962","reference_id":"1396962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396962"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9388"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-121r-bptp-sbee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2096?format=json","vulnerability_id":"VCID-1h44-wk3v-t3dv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9387","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56351","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5647","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396959","reference_id":"1396959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396959"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9387"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1h44-wk3v-t3dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/154586?format=json","vulnerability_id":"VCID-5mrv-xrc5-ayhc","summary":"The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4517.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4517","reference_id":"","reference_type":"","scores":[{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97539","published_at":"2026-06-12T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.9753","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html","reference_id":"071458.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html","reference_id":"071561.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html"},{"reference_url":"http://secunia.com/advisories/47193","reference_id":"47193","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47193"},{"reference_url":"http://secunia.com/advisories/47306","reference_id":"47306","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47306"},{"reference_url":"http://secunia.com/advisories/47353","reference_id":"47353","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47353"},{"reference_url":"http://www.securityfocus.com/bid/50992","reference_id":"50992","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.securityfocus.com/bid/50992"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71701","reference_id":"71701","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71701"},{"reference_url":"http://osvdb.org/77596","reference_id":"77596","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://osvdb.org/77596"},{"reference_url":"http://www.kb.cert.org/vuls/id/887409","reference_id":"887409","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.kb.cert.org/vuls/id/887409"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html","reference_id":"cpujan2012-366304.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21660640","reference_id":"docview.wss?uid=swg21660640","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21660640"},{"reference_url":"http://www.debian.org/security/2011/dsa-2371","reference_id":"dsa-2371","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.debian.org/security/2011/dsa-2371"},{"reference_url":"https://security.gentoo.org/glsa/201201-10","reference_id":"GLSA-201201-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-10"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1807","reference_id":"RHSA-2011:1807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1807"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-1807.html","reference_id":"RHSA-2011-1807.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2011-1807.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1811","reference_id":"RHSA-2011:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1811"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-1811.html","reference_id":"RHSA-2011-1811.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2011-1811.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"RHSA-2015-0698.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726","reference_id":"show_bug.cgi?id=747726","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726"},{"reference_url":"https://usn.ubuntu.com/1315-1/","reference_id":"USN-1315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1315-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-1315-1","reference_id":"USN-1315-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.ubuntu.com/usn/USN-1315-1"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606","reference_id":"viewer.php?l=slackware-security&y=2015&m=slackware-security.538606","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2011-4517"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5mrv-xrc5-ayhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182740?format=json","vulnerability_id":"VCID-8ywb-6m8s-gkht","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8693","reference_id":"","reference_type":"","scores":[{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70351","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70441","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385507","reference_id":"1385507","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385507"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8693"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ywb-6m8s-gkht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/959?format=json","vulnerability_id":"VCID-9mpt-np7g-1ybd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1867","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.68008","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.68096","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298135","reference_id":"1298135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298135"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2016-1867"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mpt-np7g-1ybd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113205?format=json","vulnerability_id":"VCID-cgc6-vdsk-yyhs","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8157.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8157.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8157","reference_id":"","reference_type":"","scores":[{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90731","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90761","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179282","reference_id":"1179282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179282"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0074","reference_id":"RHSA-2015:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-8157"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cgc6-vdsk-yyhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2129?format=json","vulnerability_id":"VCID-cq9r-g1gn-sban","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9557.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9557.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9557","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29342","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29543","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9557"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398251","reference_id":"1398251","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398251"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9557"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cq9r-g1gn-sban"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113184?format=json","vulnerability_id":"VCID-dkh6-g99z-tkec","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8137.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8137","reference_id":"","reference_type":"","scores":[{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96898","published_at":"2026-06-11T12:55:00Z"},{"value":"0.31457","scoring_system":"epss","scoring_elements":"0.96909","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173157","reference_id":"1173157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173157"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2021","reference_id":"RHSA-2014:2021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1713","reference_id":"RHSA-2015:1713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1713"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-8137"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dkh6-g99z-tkec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180648?format=json","vulnerability_id":"VCID-egc9-qr22-n3bn","summary":"Multiple memory management errors in JasPer might lead to execution of\n    arbitrary code via jpeg2k files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3520.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3520.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3520","reference_id":"","reference_type":"","scores":[{"value":"0.02615","scoring_system":"epss","scoring_elements":"0.85981","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02615","scoring_system":"epss","scoring_elements":"0.86031","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=461476","reference_id":"461476","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=461476"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778","reference_id":"559778","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/200812-18","reference_id":"GLSA-200812-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0012","reference_id":"RHSA-2009:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"},{"reference_url":"https://usn.ubuntu.com/742-1/","reference_id":"USN-742-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/742-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2008-3520"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egc9-qr22-n3bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/437?format=json","vulnerability_id":"VCID-f31a-z3bg-rba5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5203","reference_id":"","reference_type":"","scores":[{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.70013","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.70104","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5203"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1254242","reference_id":"1254242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1254242"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2015-5203"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f31a-z3bg-rba5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/438?format=json","vulnerability_id":"VCID-hyx5-ayvc-b7ek","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5221","reference_id":"","reference_type":"","scores":[{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45879","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.46024","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5221"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1255710","reference_id":"1255710","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1255710"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2015-5221"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hyx5-ayvc-b7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2072?format=json","vulnerability_id":"VCID-j7r6-ywk3-4fhc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9262","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63203","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63305","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9262"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393882","reference_id":"1393882","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393882"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9262"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j7r6-ywk3-4fhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2000?format=json","vulnerability_id":"VCID-jzpu-vxgx-kqa7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8692","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.65042","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.65142","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502","reference_id":"1385502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8692"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jzpu-vxgx-kqa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2019?format=json","vulnerability_id":"VCID-m657-9ypv-uua8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8884","reference_id":"","reference_type":"","scores":[{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61586","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00407","scoring_system":"epss","scoring_elements":"0.61689","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8884"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m657-9ypv-uua8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185080?format=json","vulnerability_id":"VCID-pyk5-r5r8-27hj","summary":"Multiple vulnerabilities have been found in JasPer, the worst of\n    which could could allow an attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8751.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8751","reference_id":"","reference_type":"","scores":[{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75456","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75527","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1296949","reference_id":"1296949","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1296949"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://security.gentoo.org/glsa/201707-07","reference_id":"GLSA-201707-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2015-8751"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pyk5-r5r8-27hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180649?format=json","vulnerability_id":"VCID-qhhm-c2jn-fqew","summary":"Multiple memory management errors in JasPer might lead to execution of\n    arbitrary code via jpeg2k files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3522.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3522.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3522","reference_id":"","reference_type":"","scores":[{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.89048","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0425","scoring_system":"epss","scoring_elements":"0.89085","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=461478","reference_id":"461478","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=461478"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778","reference_id":"559778","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/200812-18","reference_id":"GLSA-200812-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"},{"reference_url":"https://usn.ubuntu.com/742-1/","reference_id":"USN-742-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/742-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2008-3522"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qhhm-c2jn-fqew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113185?format=json","vulnerability_id":"VCID-qptc-pvnq-r3ds","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8138.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8138","reference_id":"","reference_type":"","scores":[{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90797","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05895","scoring_system":"epss","scoring_elements":"0.90827","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173162","reference_id":"1173162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173162"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2021","reference_id":"RHSA-2014:2021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1713","reference_id":"RHSA-2015:1713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1713"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-8138"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qptc-pvnq-r3ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1998?format=json","vulnerability_id":"VCID-qujt-7z1t-zugt","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8690","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62454","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62556","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8690"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8690"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qujt-7z1t-zugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180535?format=json","vulnerability_id":"VCID-rdkh-ysfm-c3e5","summary":"Multiple memory management errors in JasPer could result in\n    execution of arbitrary code or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4516.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4516.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4516","reference_id":"","reference_type":"","scores":[{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97781","published_at":"2026-06-11T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97791","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4516"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201201-10","reference_id":"GLSA-201201-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1807","reference_id":"RHSA-2011:1807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1811","reference_id":"RHSA-2011:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1315-1/","reference_id":"USN-1315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1315-1/"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2011-4516"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rdkh-ysfm-c3e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2020?format=json","vulnerability_id":"VCID-tt1m-8h4u-cyex","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8885","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57981","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.58093","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8885"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499","reference_id":"1385499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385499"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8885"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tt1m-8h4u-cyex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/995?format=json","vulnerability_id":"VCID-u8m6-3qxe-pkhq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2089","reference_id":"","reference_type":"","scores":[{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73904","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00766","scoring_system":"epss","scoring_elements":"0.73978","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302636","reference_id":"1302636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1302636"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-2089"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8m6-3qxe-pkhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1999?format=json","vulnerability_id":"VCID-va9y-py4k-eucj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8691","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.65042","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.65142","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502","reference_id":"1385502","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385502"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8691"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va9y-py4k-eucj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113529?format=json","vulnerability_id":"VCID-vwas-qptn-nfcv","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9029.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9029","reference_id":"","reference_type":"","scores":[{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96979","published_at":"2026-06-11T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96989","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1167537","reference_id":"1167537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1167537"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2021","reference_id":"RHSA-2014:2021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/2434-1/","reference_id":"USN-2434-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2434-1/"},{"reference_url":"https://usn.ubuntu.com/2434-2/","reference_id":"USN-2434-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2434-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-9029"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vwas-qptn-nfcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2022?format=json","vulnerability_id":"VCID-yrtx-perk-eqew","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8887.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8887.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8887","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44636","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44787","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8887"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388828","reference_id":"1388828","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388828"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://usn.ubuntu.com/3693-1/","reference_id":"USN-3693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-8887"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yrtx-perk-eqew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2131?format=json","vulnerability_id":"VCID-z79p-sdmd-huaq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9560","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46079","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46224","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398256","reference_id":"1398256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1398256"},{"reference_url":"https://security.archlinux.org/ASA-201612-9","reference_id":"ASA-201612-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-9"},{"reference_url":"https://security.archlinux.org/AVG-14","reference_id":"AVG-14","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/3295-1/","reference_id":"USN-3295-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3295-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9222?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.31-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.31-1"}],"aliases":["CVE-2016-9560"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z79p-sdmd-huaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113207?format=json","vulnerability_id":"VCID-z8hr-e4ud-7fb5","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8158.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8158","reference_id":"","reference_type":"","scores":[{"value":"0.04918","scoring_system":"epss","scoring_elements":"0.89842","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04918","scoring_system":"epss","scoring_elements":"0.89875","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179298","reference_id":"1179298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179298"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0074","reference_id":"RHSA-2015:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9191?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"}],"aliases":["CVE-2014-8158"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8hr-e4ud-7fb5"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/938?format=json","vulnerability_id":"VCID-32qy-tbnj-8qfh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1577","reference_id":"","reference_type":"","scores":[{"value":"0.09811","scoring_system":"epss","scoring_elements":"0.93141","published_at":"2026-06-11T12:55:00Z"},{"value":"0.09811","scoring_system":"epss","scoring_elements":"0.93164","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314466","reference_id":"1314466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314466"},{"reference_url":"https://security.archlinux.org/AVG-88","reference_id":"AVG-88","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/2919-1/","reference_id":"USN-2919-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2919-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9190?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.1-15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-121r-bptp-sbee"},{"vulnerability":"VCID-1h44-wk3v-t3dv"},{"vulnerability":"VCID-5mrv-xrc5-ayhc"},{"vulnerability":"VCID-8ywb-6m8s-gkht"},{"vulnerability":"VCID-9mpt-np7g-1ybd"},{"vulnerability":"VCID-cgc6-vdsk-yyhs"},{"vulnerability":"VCID-cq9r-g1gn-sban"},{"vulnerability":"VCID-dkh6-g99z-tkec"},{"vulnerability":"VCID-egc9-qr22-n3bn"},{"vulnerability":"VCID-f31a-z3bg-rba5"},{"vulnerability":"VCID-hyx5-ayvc-b7ek"},{"vulnerability":"VCID-j7r6-ywk3-4fhc"},{"vulnerability":"VCID-jzpu-vxgx-kqa7"},{"vulnerability":"VCID-m657-9ypv-uua8"},{"vulnerability":"VCID-pyk5-r5r8-27hj"},{"vulnerability":"VCID-qhhm-c2jn-fqew"},{"vulnerability":"VCID-qptc-pvnq-r3ds"},{"vulnerability":"VCID-qujt-7z1t-zugt"},{"vulnerability":"VCID-rdkh-ysfm-c3e5"},{"vulnerability":"VCID-tt1m-8h4u-cyex"},{"vulnerability":"VCID-u8m6-3qxe-pkhq"},{"vulnerability":"VCID-va9y-py4k-eucj"},{"vulnerability":"VCID-vwas-qptn-nfcv"},{"vulnerability":"VCID-yrtx-perk-eqew"},{"vulnerability":"VCID-z79p-sdmd-huaq"},{"vulnerability":"VCID-z8hr-e4ud-7fb5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.1-15"}],"aliases":["CVE-2016-1577"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32qy-tbnj-8qfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1010?format=json","vulnerability_id":"VCID-yja8-gu5n-zkeu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2116","reference_id":"","reference_type":"","scores":[{"value":"0.0933","scoring_system":"epss","scoring_elements":"0.92942","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0933","scoring_system":"epss","scoring_elements":"0.92966","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314472","reference_id":"1314472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314472"},{"reference_url":"https://security.archlinux.org/AVG-88","reference_id":"AVG-88","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1208","reference_id":"RHSA-2017:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"reference_url":"https://usn.ubuntu.com/2919-1/","reference_id":"USN-2919-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2919-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9190?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.1-15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-121r-bptp-sbee"},{"vulnerability":"VCID-1h44-wk3v-t3dv"},{"vulnerability":"VCID-5mrv-xrc5-ayhc"},{"vulnerability":"VCID-8ywb-6m8s-gkht"},{"vulnerability":"VCID-9mpt-np7g-1ybd"},{"vulnerability":"VCID-cgc6-vdsk-yyhs"},{"vulnerability":"VCID-cq9r-g1gn-sban"},{"vulnerability":"VCID-dkh6-g99z-tkec"},{"vulnerability":"VCID-egc9-qr22-n3bn"},{"vulnerability":"VCID-f31a-z3bg-rba5"},{"vulnerability":"VCID-hyx5-ayvc-b7ek"},{"vulnerability":"VCID-j7r6-ywk3-4fhc"},{"vulnerability":"VCID-jzpu-vxgx-kqa7"},{"vulnerability":"VCID-m657-9ypv-uua8"},{"vulnerability":"VCID-pyk5-r5r8-27hj"},{"vulnerability":"VCID-qhhm-c2jn-fqew"},{"vulnerability":"VCID-qptc-pvnq-r3ds"},{"vulnerability":"VCID-qujt-7z1t-zugt"},{"vulnerability":"VCID-rdkh-ysfm-c3e5"},{"vulnerability":"VCID-tt1m-8h4u-cyex"},{"vulnerability":"VCID-u8m6-3qxe-pkhq"},{"vulnerability":"VCID-va9y-py4k-eucj"},{"vulnerability":"VCID-vwas-qptn-nfcv"},{"vulnerability":"VCID-yrtx-perk-eqew"},{"vulnerability":"VCID-z79p-sdmd-huaq"},{"vulnerability":"VCID-z8hr-e4ud-7fb5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.1-15"}],"aliases":["CVE-2016-2116"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yja8-gu5n-zkeu"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.1-15"}