{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58477?format=json","vulnerability_id":"VCID-9kqw-qv6w-zugt","summary":"security update","aliases":[{"alias":"CVE-2014-9029"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371600?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"},{"url":"http://public2.vulnerablecode.io/api/packages/571378?format=json","purl":"pkg:deb/debian/jasper@1.900.1-13%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m5a-x31m-wqhs"},{"vulnerability":"VCID-6qcp-9kba-1khz"},{"vulnerability":"VCID-9hdt-gf9q-skh8"},{"vulnerability":"VCID-bpmw-qhm1-audu"},{"vulnerability":"VCID-d9ga-c25d-mfg5"},{"vulnerability":"VCID-hq12-wrsv-qffj"},{"vulnerability":"VCID-k363-jg3m-1yhz"},{"vulnerability":"VCID-m93b-k4b2-zye1"},{"vulnerability":"VCID-np35-vr8e-wqa9"},{"vulnerability":"VCID-ptkv-jw36-cbar"},{"vulnerability":"VCID-rnuc-wtg3-r3cc"},{"vulnerability":"VCID-td6h-jus8-vfe9"},{"vulnerability":"VCID-wrwt-qqrc-s7at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-13%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/85711?format=json","purl":"pkg:ebuild/media-libs/jasper@1.900.1-r9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/jasper@1.900.1-r9"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371599?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.1-15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e4z-zk1w-33fw"},{"vulnerability":"VCID-1mns-2axr-w3a1"},{"vulnerability":"VCID-273p-y942-ekes"},{"vulnerability":"VCID-2hkv-yn4v-6kcy"},{"vulnerability":"VCID-3m5a-x31m-wqhs"},{"vulnerability":"VCID-6qcp-9kba-1khz"},{"vulnerability":"VCID-87vn-adcw-37bh"},{"vulnerability":"VCID-932v-xwug-nbfy"},{"vulnerability":"VCID-9cz2-djvk-quc6"},{"vulnerability":"VCID-9hdt-gf9q-skh8"},{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-aehh-ywwn-byee"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-d9ga-c25d-mfg5"},{"vulnerability":"VCID-dfkc-hyp3-6kbd"},{"vulnerability":"VCID-f3xd-54ke-1bf6"},{"vulnerability":"VCID-hc16-adzw-5fbz"},{"vulnerability":"VCID-hmxs-jxny-j7bg"},{"vulnerability":"VCID-hz9e-rv14-wfhm"},{"vulnerability":"VCID-m85g-54qv-h3at"},{"vulnerability":"VCID-m93b-k4b2-zye1"},{"vulnerability":"VCID-p4ue-y733-1ubd"},{"vulnerability":"VCID-ptkv-jw36-cbar"},{"vulnerability":"VCID-tqtm-achn-z3fg"},{"vulnerability":"VCID-yqjj-75r1-b3ht"},{"vulnerability":"VCID-zhwp-sauu-b3g6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.1-15"},{"url":"http://public2.vulnerablecode.io/api/packages/571374?format=json","purl":"pkg:deb/debian/jasper@1.701.0-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m5a-x31m-wqhs"},{"vulnerability":"VCID-6qcp-9kba-1khz"},{"vulnerability":"VCID-9hdt-gf9q-skh8"},{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-bpmw-qhm1-audu"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-d9ga-c25d-mfg5"},{"vulnerability":"VCID-f3xd-54ke-1bf6"},{"vulnerability":"VCID-hq12-wrsv-qffj"},{"vulnerability":"VCID-k363-jg3m-1yhz"},{"vulnerability":"VCID-m85g-54qv-h3at"},{"vulnerability":"VCID-m93b-k4b2-zye1"},{"vulnerability":"VCID-np35-vr8e-wqa9"},{"vulnerability":"VCID-ptkv-jw36-cbar"},{"vulnerability":"VCID-rnuc-wtg3-r3cc"},{"vulnerability":"VCID-td6h-jus8-vfe9"},{"vulnerability":"VCID-wrwt-qqrc-s7at"},{"vulnerability":"VCID-yqjj-75r1-b3ht"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.701.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/571375?format=json","purl":"pkg:deb/debian/jasper@1.900.1-5.1%2Blenny2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m5a-x31m-wqhs"},{"vulnerability":"VCID-6qcp-9kba-1khz"},{"vulnerability":"VCID-9hdt-gf9q-skh8"},{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-bpmw-qhm1-audu"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-d9ga-c25d-mfg5"},{"vulnerability":"VCID-f3xd-54ke-1bf6"},{"vulnerability":"VCID-hq12-wrsv-qffj"},{"vulnerability":"VCID-k363-jg3m-1yhz"},{"vulnerability":"VCID-m85g-54qv-h3at"},{"vulnerability":"VCID-m93b-k4b2-zye1"},{"vulnerability":"VCID-np35-vr8e-wqa9"},{"vulnerability":"VCID-ptkv-jw36-cbar"},{"vulnerability":"VCID-rnuc-wtg3-r3cc"},{"vulnerability":"VCID-td6h-jus8-vfe9"},{"vulnerability":"VCID-wrwt-qqrc-s7at"},{"vulnerability":"VCID-yqjj-75r1-b3ht"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-5.1%252Blenny2"},{"url":"http://public2.vulnerablecode.io/api/packages/571376?format=json","purl":"pkg:deb/debian/jasper@1.900.1-7%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m5a-x31m-wqhs"},{"vulnerability":"VCID-6qcp-9kba-1khz"},{"vulnerability":"VCID-9hdt-gf9q-skh8"},{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-bpmw-qhm1-audu"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-d9ga-c25d-mfg5"},{"vulnerability":"VCID-f3xd-54ke-1bf6"},{"vulnerability":"VCID-hq12-wrsv-qffj"},{"vulnerability":"VCID-k363-jg3m-1yhz"},{"vulnerability":"VCID-m85g-54qv-h3at"},{"vulnerability":"VCID-m93b-k4b2-zye1"},{"vulnerability":"VCID-np35-vr8e-wqa9"},{"vulnerability":"VCID-ptkv-jw36-cbar"},{"vulnerability":"VCID-rnuc-wtg3-r3cc"},{"vulnerability":"VCID-td6h-jus8-vfe9"},{"vulnerability":"VCID-wrwt-qqrc-s7at"},{"vulnerability":"VCID-yqjj-75r1-b3ht"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-7%252Bsqueeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/571377?format=json","purl":"pkg:deb/debian/jasper@1.900.1-7%2Bsqueeze4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m5a-x31m-wqhs"},{"vulnerability":"VCID-6qcp-9kba-1khz"},{"vulnerability":"VCID-9hdt-gf9q-skh8"},{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-bpmw-qhm1-audu"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-d9ga-c25d-mfg5"},{"vulnerability":"VCID-f3xd-54ke-1bf6"},{"vulnerability":"VCID-hq12-wrsv-qffj"},{"vulnerability":"VCID-k363-jg3m-1yhz"},{"vulnerability":"VCID-m85g-54qv-h3at"},{"vulnerability":"VCID-m93b-k4b2-zye1"},{"vulnerability":"VCID-np35-vr8e-wqa9"},{"vulnerability":"VCID-ptkv-jw36-cbar"},{"vulnerability":"VCID-rnuc-wtg3-r3cc"},{"vulnerability":"VCID-td6h-jus8-vfe9"},{"vulnerability":"VCID-wrwt-qqrc-s7at"},{"vulnerability":"VCID-yqjj-75r1-b3ht"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jasper@1.900.1-7%252Bsqueeze4"},{"url":"http://public2.vulnerablecode.io/api/packages/120568?format=json","purl":"pkg:rpm/redhat/jasper@1.900.1-16.el6_6?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-f3xd-54ke-1bf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-16.el6_6%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/120569?format=json","purl":"pkg:rpm/redhat/jasper@1.900.1-26.el7_0?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9kqw-qv6w-zugt"},{"vulnerability":"VCID-ckw2-w524-k3gz"},{"vulnerability":"VCID-f3xd-54ke-1bf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-26.el7_0%3Farch=2"}],"references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0514.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0514.html"},{"reference_url":"http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-2021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-2021.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9029.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9029","reference_id":"","reference_type":"","scores":[{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96919","published_at":"2026-05-14T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96908","published_at":"2026-05-12T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96835","published_at":"2026-04-01T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96842","published_at":"2026-04-02T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96844","published_at":"2026-04-04T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96848","published_at":"2026-04-07T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96857","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96858","published_at":"2026-04-09T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96861","published_at":"2026-04-11T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96862","published_at":"2026-04-12T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96863","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.9687","published_at":"2026-04-16T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96874","published_at":"2026-04-18T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96876","published_at":"2026-04-21T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96877","published_at":"2026-04-24T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96879","published_at":"2026-04-26T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96883","published_at":"2026-04-29T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.9689","published_at":"2026-05-05T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96894","published_at":"2026-05-07T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.969","published_at":"2026-05-09T12:55:00Z"},{"value":"0.32606","scoring_system":"epss","scoring_elements":"0.96903","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029"},{"reference_url":"http://secunia.com/advisories/61747","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61747"},{"reference_url":"http://secunia.com/advisories/62828","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62828"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/99125","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/99125"},{"reference_url":"http://www.debian.org/security/2014/dsa-3089","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-3089"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:247","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:247"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:159","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:159"},{"reference_url":"http://www.ocert.org/advisories/ocert-2014-009.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.ocert.org/advisories/ocert-2014-009.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/12/04/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/12/04/9"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.securityfocus.com/archive/1/534153/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/534153/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/71476","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71476"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606"},{"reference_url":"http://www.ubuntu.com/usn/USN-2434-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2434-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2434-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2434-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1167537","reference_id":"1167537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1167537"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9029","reference_id":"CVE-2014-9029","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9029"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2021","reference_id":"RHSA-2014:2021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/2434-1/","reference_id":"USN-2434-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2434-1/"},{"reference_url":"https://usn.ubuntu.com/2434-2/","reference_id":"USN-2434-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2434-2/"}],"weaknesses":[{"cwe_id":193,"name":"Off-by-one Error","description":"A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value."},{"cwe_id":122,"name":"Heap-based Buffer Overflow","description":"A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc()."},{"cwe_id":189,"name":"Numeric Errors","description":"Weaknesses in this category are related to improper calculation or conversion of numbers."}],"exploits":[],"severity_range_score":"7.5 - 10.0","exploitability":"0.5","weighted_severity":"9.0","risk_score":4.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9kqw-qv6w-zugt"}