The jasseq2dcreate function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
{
"cpe": "cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "1.900.13"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}[
{
"digest": {
"function_hash": "45008450416977911492424407671749520564",
"length": 1656.0
},
"target": {
"function": "jpc_siz_getparms",
"file": "src/libjasper/jpc/jpc_cs.c"
},
"id": "CVE-2016-9390-21779471",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/jasper-software/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"234752286057864962727890294762781699511",
"24833995471777026640290151728442320809",
"179898142459622662779942610421325509296",
"90306631920095266507461818008189116624"
]
},
"target": {
"file": "src/libjasper/jpc/jpc_cs.c"
},
"id": "CVE-2016-9390-a084f0ab",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/jasper-software/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865",
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9390.json"
"2026-07-08T12:53:27Z"