Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:alpm/archlinux/jasper@1.900.5-1

Type alpm

Namespace archlinux

Name jasper

Version 1.900.5-1

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.900.20-1

Latest_non_vulnerable_version 2.0.28-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5mrv-xrc5-ayhc

vulnerability_id VCID-5mrv-xrc5-ayhc

summary The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4517.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4517.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4517

reference_id

reference_type

scores

value	0.4213
scoring_system	epss
scoring_elements	0.97539
published_at	2026-06-12T12:55:00Z

value	0.4213
scoring_system	epss
scoring_elements	0.9753
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html

reference_id

071458.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html

reference_id

071561.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html

reference_url

http://secunia.com/advisories/47193

reference_id

47193

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://secunia.com/advisories/47193

reference_url

http://secunia.com/advisories/47306

reference_id

47306

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://secunia.com/advisories/47306

reference_url

http://secunia.com/advisories/47353

reference_id

47353

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://secunia.com/advisories/47353

reference_url

http://www.securityfocus.com/bid/50992

reference_id

50992

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www.securityfocus.com/bid/50992

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/71701

reference_id

71701

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/71701

reference_url

http://osvdb.org/77596

reference_id

77596

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://osvdb.org/77596

reference_url

http://www.kb.cert.org/vuls/id/887409

reference_id

887409

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www.kb.cert.org/vuls/id/887409

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url

http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

reference_id

cpujan2012-366304.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21660640

reference_id

docview.wss?uid=swg21660640

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www-01.ibm.com/support/docview.wss?uid=swg21660640

reference_url

http://www.debian.org/security/2011/dsa-2371

reference_id

dsa-2371

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www.debian.org/security/2011/dsa-2371

reference_url	https://security.gentoo.org/glsa/201201-10
reference_id	GLSA-201201-10
reference_type
scores
url	https://security.gentoo.org/glsa/201201-10

reference_url

http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2011:1807
reference_id	RHSA-2011:1807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1807

reference_url

http://www.redhat.com/support/errata/RHSA-2011-1807.html

reference_id

RHSA-2011-1807.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www.redhat.com/support/errata/RHSA-2011-1807.html

reference_url	https://access.redhat.com/errata/RHSA-2011:1811
reference_id	RHSA-2011:1811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1811

reference_url

http://www.redhat.com/support/errata/RHSA-2011-1811.html

reference_id

RHSA-2011-1811.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www.redhat.com/support/errata/RHSA-2011-1811.html

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url

http://rhn.redhat.com/errata/RHSA-2015-0698.html

reference_id

RHSA-2015-0698.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://rhn.redhat.com/errata/RHSA-2015-0698.html

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=747726

reference_id

show_bug.cgi?id=747726

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=747726

reference_url	https://usn.ubuntu.com/1315-1/
reference_id	USN-1315-1
reference_type
scores
url	https://usn.ubuntu.com/1315-1/

reference_url

http://www.ubuntu.com/usn/USN-1315-1

reference_id

USN-1315-1

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www.ubuntu.com/usn/USN-1315-1

reference_url	https://usn.ubuntu.com/1317-1/
reference_id	USN-1317-1
reference_type
scores
url	https://usn.ubuntu.com/1317-1/

reference_url

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606

reference_id

viewer.php?l=slackware-security&y=2015&m=slackware-security.538606

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/

url

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2011-4517

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5mrv-xrc5-ayhc

url VCID-9mpt-np7g-1ybd

vulnerability_id VCID-9mpt-np7g-1ybd

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1867

reference_id

reference_type

scores

value	0.00538
scoring_system	epss
scoring_elements	0.68008
published_at	2026-06-11T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.68096
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8882

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1298135
reference_id	1298135
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1298135

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://access.redhat.com/errata/RHSA-2017:1208
reference_id	RHSA-2017:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1208

reference_url	https://usn.ubuntu.com/3295-1/
reference_id	USN-3295-1
reference_type
scores
url	https://usn.ubuntu.com/3295-1/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2016-1867

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mpt-np7g-1ybd

url VCID-cgc6-vdsk-yyhs

vulnerability_id VCID-cgc6-vdsk-yyhs

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8157.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8157.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8157

reference_id

reference_type

scores

value	0.05821
scoring_system	epss
scoring_elements	0.90731
published_at	2026-06-11T12:55:00Z

value	0.05821
scoring_system	epss
scoring_elements	0.90761
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1179282
reference_id	1179282
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1179282

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/201503-01
reference_id	GLSA-201503-01
reference_type
scores
url	https://security.gentoo.org/glsa/201503-01

reference_url	https://access.redhat.com/errata/RHSA-2015:0074
reference_id	RHSA-2015:0074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0074

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://usn.ubuntu.com/2483-1/
reference_id	USN-2483-1
reference_type
scores
url	https://usn.ubuntu.com/2483-1/

reference_url	https://usn.ubuntu.com/2483-2/
reference_id	USN-2483-2
reference_type
scores
url	https://usn.ubuntu.com/2483-2/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2014-8157

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cgc6-vdsk-yyhs

url VCID-dkh6-g99z-tkec

vulnerability_id VCID-dkh6-g99z-tkec

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8137.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8137.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8137

reference_id

reference_type

scores

value	0.31457
scoring_system	epss
scoring_elements	0.96898
published_at	2026-06-11T12:55:00Z

value	0.31457
scoring_system	epss
scoring_elements	0.96909
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8137

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1173157
reference_id	1173157
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1173157

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/201503-01
reference_id	GLSA-201503-01
reference_type
scores
url	https://security.gentoo.org/glsa/201503-01

reference_url	https://access.redhat.com/errata/RHSA-2014:2021
reference_id	RHSA-2014:2021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:2021

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://access.redhat.com/errata/RHSA-2015:1713
reference_id	RHSA-2015:1713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1713

reference_url	https://usn.ubuntu.com/2483-1/
reference_id	USN-2483-1
reference_type
scores
url	https://usn.ubuntu.com/2483-1/

reference_url	https://usn.ubuntu.com/2483-2/
reference_id	USN-2483-2
reference_type
scores
url	https://usn.ubuntu.com/2483-2/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2014-8137

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dkh6-g99z-tkec

url VCID-egc9-qr22-n3bn

vulnerability_id VCID-egc9-qr22-n3bn

summary

Multiple memory management errors in JasPer might lead to execution of
    arbitrary code via jpeg2k files.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3520.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3520.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3520

reference_id

reference_type

scores

value	0.02615
scoring_system	epss
scoring_elements	0.85981
published_at	2026-06-11T12:55:00Z

value	0.02615
scoring_system	epss
scoring_elements	0.86031
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=461476
reference_id	461476
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=461476

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778
reference_id	559778
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/200812-18
reference_id	GLSA-200812-18
reference_type
scores
url	https://security.gentoo.org/glsa/200812-18

reference_url	https://access.redhat.com/errata/RHSA-2009:0012
reference_id	RHSA-2009:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0012

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://usn.ubuntu.com/1317-1/
reference_id	USN-1317-1
reference_type
scores
url	https://usn.ubuntu.com/1317-1/

reference_url	https://usn.ubuntu.com/742-1/
reference_id	USN-742-1
reference_type
scores
url	https://usn.ubuntu.com/742-1/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2008-3520

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-egc9-qr22-n3bn

url VCID-hyx5-ayvc-b7ek

vulnerability_id VCID-hyx5-ayvc-b7ek

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5221.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5221

reference_id

reference_type

scores

value	0.00229
scoring_system	epss
scoring_elements	0.45879
published_at	2026-06-11T12:55:00Z

value	0.00229
scoring_system	epss
scoring_elements	0.46024
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5221

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1255710
reference_id	1255710
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1255710

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://access.redhat.com/errata/RHSA-2017:1208
reference_id	RHSA-2017:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1208

reference_url	https://usn.ubuntu.com/3693-1/
reference_id	USN-3693-1
reference_type
scores
url	https://usn.ubuntu.com/3693-1/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2015-5221

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hyx5-ayvc-b7ek

url VCID-qhhm-c2jn-fqew

vulnerability_id VCID-qhhm-c2jn-fqew

summary

Multiple memory management errors in JasPer might lead to execution of
    arbitrary code via jpeg2k files.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3522.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3522.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3522

reference_id

reference_type

scores

value	0.0425
scoring_system	epss
scoring_elements	0.89048
published_at	2026-06-11T12:55:00Z

value	0.0425
scoring_system	epss
scoring_elements	0.89085
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3522

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=461478
reference_id	461478
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=461478

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778
reference_id	559778
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559778

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/200812-18
reference_id	GLSA-200812-18
reference_type
scores
url	https://security.gentoo.org/glsa/200812-18

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://usn.ubuntu.com/1317-1/
reference_id	USN-1317-1
reference_type
scores
url	https://usn.ubuntu.com/1317-1/

reference_url	https://usn.ubuntu.com/742-1/
reference_id	USN-742-1
reference_type
scores
url	https://usn.ubuntu.com/742-1/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2008-3522

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhhm-c2jn-fqew

url VCID-qptc-pvnq-r3ds

vulnerability_id VCID-qptc-pvnq-r3ds

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8138.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8138.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8138

reference_id

reference_type

scores

value	0.05895
scoring_system	epss
scoring_elements	0.90797
published_at	2026-06-11T12:55:00Z

value	0.05895
scoring_system	epss
scoring_elements	0.90827
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8138

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1173162
reference_id	1173162
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1173162

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/201503-01
reference_id	GLSA-201503-01
reference_type
scores
url	https://security.gentoo.org/glsa/201503-01

reference_url	https://access.redhat.com/errata/RHSA-2014:2021
reference_id	RHSA-2014:2021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:2021

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://access.redhat.com/errata/RHSA-2015:1713
reference_id	RHSA-2015:1713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1713

reference_url	https://usn.ubuntu.com/2483-1/
reference_id	USN-2483-1
reference_type
scores
url	https://usn.ubuntu.com/2483-1/

reference_url	https://usn.ubuntu.com/2483-2/
reference_id	USN-2483-2
reference_type
scores
url	https://usn.ubuntu.com/2483-2/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2014-8138

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qptc-pvnq-r3ds

url VCID-rdkh-ysfm-c3e5

vulnerability_id VCID-rdkh-ysfm-c3e5

summary

Multiple memory management errors in JasPer could result in
    execution of arbitrary code or a Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4516.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4516.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4516

reference_id

reference_type

scores

value	0.47823
scoring_system	epss
scoring_elements	0.97781
published_at	2026-06-11T12:55:00Z

value	0.47823
scoring_system	epss
scoring_elements	0.97791
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4516

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/201201-10
reference_id	GLSA-201201-10
reference_type
scores
url	https://security.gentoo.org/glsa/201201-10

reference_url	https://access.redhat.com/errata/RHSA-2011:1807
reference_id	RHSA-2011:1807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1807

reference_url	https://access.redhat.com/errata/RHSA-2011:1811
reference_id	RHSA-2011:1811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1811

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://usn.ubuntu.com/1315-1/
reference_id	USN-1315-1
reference_type
scores
url	https://usn.ubuntu.com/1315-1/

reference_url	https://usn.ubuntu.com/1317-1/
reference_id	USN-1317-1
reference_type
scores
url	https://usn.ubuntu.com/1317-1/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2011-4516

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdkh-ysfm-c3e5

url VCID-vwas-qptn-nfcv

vulnerability_id VCID-vwas-qptn-nfcv

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9029.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9029.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9029

reference_id

reference_type

scores

value	0.32606
scoring_system	epss
scoring_elements	0.96979
published_at	2026-06-11T12:55:00Z

value	0.32606
scoring_system	epss
scoring_elements	0.96989
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9029

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1167537
reference_id	1167537
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1167537

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/201503-01
reference_id	GLSA-201503-01
reference_type
scores
url	https://security.gentoo.org/glsa/201503-01

reference_url	https://access.redhat.com/errata/RHSA-2014:2021
reference_id	RHSA-2014:2021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:2021

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://usn.ubuntu.com/2434-1/
reference_id	USN-2434-1
reference_type
scores
url	https://usn.ubuntu.com/2434-1/

reference_url	https://usn.ubuntu.com/2434-2/
reference_id	USN-2434-2
reference_type
scores
url	https://usn.ubuntu.com/2434-2/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2014-9029

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vwas-qptn-nfcv

url VCID-z8hr-e4ud-7fb5

vulnerability_id VCID-z8hr-e4ud-7fb5

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8158.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8158.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8158

reference_id

reference_type

scores

value	0.04918
scoring_system	epss
scoring_elements	0.89842
published_at	2026-06-11T12:55:00Z

value	0.04918
scoring_system	epss
scoring_elements	0.89875
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1179298
reference_id	1179298
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1179298

reference_url

https://security.archlinux.org/AVG-99

reference_id

AVG-99

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-99

reference_url	https://security.gentoo.org/glsa/201503-01
reference_id	GLSA-201503-01
reference_type
scores
url	https://security.gentoo.org/glsa/201503-01

reference_url	https://access.redhat.com/errata/RHSA-2015:0074
reference_id	RHSA-2015:0074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0074

reference_url	https://access.redhat.com/errata/RHSA-2015:0698
reference_id	RHSA-2015:0698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0698

reference_url	https://usn.ubuntu.com/2483-1/
reference_id	USN-2483-1
reference_type
scores
url	https://usn.ubuntu.com/2483-1/

reference_url	https://usn.ubuntu.com/2483-2/
reference_id	USN-2483-2
reference_type
scores
url	https://usn.ubuntu.com/2483-2/

fixed_packages

url	pkg:alpm/archlinux/jasper@1.900.5-1
purl	pkg:alpm/archlinux/jasper@1.900.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

aliases CVE-2014-8158

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8hr-e4ud-7fb5

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1

Package Instance