{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67785?format=json","vulnerability_id":"VCID-394p-w1c7-y3a4","summary":"jasper: dec->numtiles off-by-one check in jpc_dec_process_sot() (oCERT-2015-001)","aliases":[{"alias":"CVE-2014-8157"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/314190?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.5-1"},{"url":"http://public2.vulnerablecode.io/api/packages/336982?format=json","purl":"pkg:ebuild/media-libs/jasper@1.900.1-r9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/jasper@1.900.1-r9"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/314189?format=json","purl":"pkg:alpm/archlinux/jasper@1.900.1-15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cc7-vmc5-a7bc"},{"vulnerability":"VCID-2bx9-wybr-q3da"},{"vulnerability":"VCID-394p-w1c7-y3a4"},{"vulnerability":"VCID-3yeb-458a-pbb9"},{"vulnerability":"VCID-5fdt-peay-uba6"},{"vulnerability":"VCID-6nfa-qjvr-1fbj"},{"vulnerability":"VCID-6vqq-x1fg-hyc4"},{"vulnerability":"VCID-8asv-4rg9-xuc9"},{"vulnerability":"VCID-at8h-b6a9-zyhv"},{"vulnerability":"VCID-au6u-6pqs-w3ew"},{"vulnerability":"VCID-bp3n-6f6v-1fhk"},{"vulnerability":"VCID-drw2-t81u-gucm"},{"vulnerability":"VCID-gy18-hay4-3fg2"},{"vulnerability":"VCID-hh12-gxh7-rkgp"},{"vulnerability":"VCID-kpge-pgd8-tubk"},{"vulnerability":"VCID-p1yv-nkrs-n3f8"},{"vulnerability":"VCID-qc57-kvkw-5qb4"},{"vulnerability":"VCID-re9p-x37b-9udc"},{"vulnerability":"VCID-samh-3dmk-vuah"},{"vulnerability":"VCID-t9na-bdvx-6yer"},{"vulnerability":"VCID-ukd1-xq3t-5bey"},{"vulnerability":"VCID-xr2u-xqk8-s7e3"},{"vulnerability":"VCID-yde2-sfjf-bqgx"},{"vulnerability":"VCID-ygu5-k3bp-byc4"},{"vulnerability":"VCID-zma7-gdqw-2qfg"},{"vulnerability":"VCID-zwmt-13a8-ryed"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/jasper@1.900.1-15"},{"url":"http://public2.vulnerablecode.io/api/packages/271962?format=json","purl":"pkg:rpm/redhat/jasper@1.900.1-16.el6_6?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-394p-w1c7-y3a4"},{"vulnerability":"VCID-gy18-hay4-3fg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-16.el6_6%3Farch=3"},{"url":"http://public2.vulnerablecode.io/api/packages/271963?format=json","purl":"pkg:rpm/redhat/jasper@1.900.1-26.el7_0?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-394p-w1c7-y3a4"},{"vulnerability":"VCID-gy18-hay4-3fg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jasper@1.900.1-26.el7_0%3Farch=3"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8157.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8157.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8157","reference_id":"","reference_type":"","scores":[{"value":"0.05821","scoring_system":"epss","scoring_elements":"0.90662","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179282","reference_id":"1179282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179282"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201503-01","reference_id":"GLSA-201503-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0074","reference_id":"RHSA-2015:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/2483-1/","reference_id":"USN-2483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-1/"},{"reference_url":"https://usn.ubuntu.com/2483-2/","reference_id":"USN-2483-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2483-2/"}],"weaknesses":[{"cwe_id":193,"name":"Off-by-one Error","description":"A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value."},{"cwe_id":122,"name":"Heap-based Buffer Overflow","description":"A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc()."}],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-394p-w1c7-y3a4"}