[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-1709":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":88,"related":89,"reserved_at":9,"published_at":95,"modified_at":96,"state":97,"summary":98,"references_raw":107,"kevs":169,"epss":170,"epss_history":173,"metrics":434,"affected":445},"CVE-2016-1709","Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SFNT font.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86],{"_key":73},"UBUNTU-CVE-2016-1709",{"_key":75},"OPENSUSE-SU-2016:1868-1",{"_key":77},"OPENSUSE-SU-2016:1869-1",{"_key":79},"OPENSUSE-SU-2024:10171-1",{"_key":81},"OPENSUSE-SU-2024:12948-1",{"_key":83},"DSA-3637-1",{"_key":85},"MGASA-2016-0274",{"_key":87},"RHSA-2016:1485",[],[90,91,92,93,94],{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":85},"2016-07-23T19:00:00.000Z","2024-08-05T23:02:13.302Z","Modified",{"cisa_kev":99,"cisa_ransomware":99,"cisa_vendor":9,"epss_severity":100,"epss_score":101,"severity":102,"severity_score":103,"severity_version":104,"severity_source":105,"severity_vector":106,"severity_status":97},false,"low",0.0155,"high",8.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[108,115,119,125,130,134,138,142,146,150,155,160,164],{"url":109,"sources":110,"tags":112},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html",[111,105],"cve.org",[113,114],"Vendor Advisory","X Refsource SUSE",{"url":116,"sources":117,"tags":118},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html",[111,105],[113,114],{"url":120,"sources":121,"tags":122},"http://www.securityfocus.com/bid/92053",[111,105],[123,124],"VDB Entry","X Refsource BID",{"url":126,"sources":127,"tags":128},"https://github.com/googlei18n/sfntly/commit/468cad540fa1b0027cad60456f53feabecdce2bc",[111,105],[129],"X Refsource CONFIRM",{"url":131,"sources":132,"tags":133},"http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html",[111,105],[129],{"url":135,"sources":136,"tags":137},"https://github.com/googlei18n/sfntly/pull/56",[111,105],[129],{"url":139,"sources":140,"tags":141},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html",[111,105],[113,114],{"url":143,"sources":144,"tags":145},"https://github.com/googlei18n/sfntly/commit/c56b85408bab232efd7e650f0994272a174e3b92",[111,105],[129],{"url":147,"sources":148,"tags":149},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html",[111,105],[113,114],{"url":151,"sources":152,"tags":153},"http://rhn.redhat.com/errata/RHSA-2016-1485.html",[111,105],[113,154],"X Refsource REDHAT",{"url":156,"sources":157,"tags":158},"http://www.securitytracker.com/id/1036428",[111,105],[123,159],"X Refsource SECTRACK",{"url":161,"sources":162,"tags":163},"https://crbug.com/614934",[111,105],[129],{"url":165,"sources":166,"tags":167},"http://www.debian.org/security/2016/dsa-3637",[111,105],[113,168],"X Refsource DEBIAN",[],{"date":171,"score":101,"percentile":172},"2026-06-04",0.81743,[174,178,181,184,187,190,193,196,199,202,205,208,211,214,217,220,223,226,229,232,235,237,240,243,245,248,250,252,255,258,261,264,267,270,272,275,278,281,284,287,290,293,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,355,358,361,364,367,370,372,375,378,381,384,387,390,393,396,399,402,405,407,410,413,416,418,421,424,426,428,431],{"date":175,"score":176,"percentile":177},"2025-11-04",0.01146,0.77778,{"date":179,"score":176,"percentile":180},"2025-11-05",0.77781,{"date":182,"score":176,"percentile":183},"2025-11-06",0.7778,{"date":185,"score":176,"percentile":186},"2025-11-07",0.77794,{"date":188,"score":176,"percentile":189},"2025-11-08",0.778,{"date":191,"score":176,"percentile":192},"2025-11-09",0.77797,{"date":194,"score":176,"percentile":195},"2025-11-10",0.77784,{"date":197,"score":176,"percentile":198},"2025-11-11",0.77787,{"date":200,"score":176,"percentile":201},"2025-11-12",0.77804,{"date":203,"score":176,"percentile":204},"2025-11-13",0.77813,{"date":206,"score":176,"percentile":207},"2025-11-14",0.77823,{"date":209,"score":176,"percentile":210},"2025-11-15",0.77819,{"date":212,"score":176,"percentile":213},"2025-11-16",0.77821,{"date":215,"score":176,"percentile":216},"2025-11-17",0.77816,{"date":218,"score":176,"percentile":219},"2025-11-18",0.7663,{"date":221,"score":176,"percentile":222},"2025-11-19",0.76637,{"date":224,"score":176,"percentile":225},"2025-11-20",0.76648,{"date":227,"score":176,"percentile":228},"2025-11-21",0.77845,{"date":230,"score":176,"percentile":231},"2025-11-22",0.77844,{"date":233,"score":176,"percentile":234},"2025-11-23",0.77829,{"date":236,"score":176,"percentile":234},"2025-11-24",{"date":238,"score":176,"percentile":239},"2025-11-25",0.77835,{"date":241,"score":176,"percentile":242},"2025-11-26",0.77842,{"date":244,"score":176,"percentile":228},"2025-11-27",{"date":246,"score":176,"percentile":247},"2025-11-28",0.77837,{"date":249,"score":176,"percentile":228},"2025-11-29",{"date":251,"score":176,"percentile":242},"2025-11-30",{"date":253,"score":176,"percentile":254},"2025-12-01",0.7795,{"date":256,"score":176,"percentile":257},"2025-12-02",0.77958,{"date":259,"score":176,"percentile":260},"2025-12-03",0.77943,{"date":262,"score":176,"percentile":263},"2025-12-04",0.77832,{"date":265,"score":176,"percentile":266},"2025-12-05",0.77838,{"date":268,"score":176,"percentile":269},"2025-12-06",0.77841,{"date":271,"score":176,"percentile":239},"2025-12-07",{"date":273,"score":176,"percentile":274},"2025-12-08",0.7784,{"date":276,"score":176,"percentile":277},"2025-12-09",0.77862,{"date":279,"score":176,"percentile":280},"2025-12-10",0.77886,{"date":282,"score":176,"percentile":283},"2025-12-11",0.77901,{"date":285,"score":176,"percentile":286},"2025-12-12",0.77919,{"date":288,"score":176,"percentile":289},"2025-12-13",0.77921,{"date":291,"score":176,"percentile":292},"2025-12-14",0.77917,{"date":294,"score":176,"percentile":295},"2025-12-15",0.77913,{"date":297,"score":176,"percentile":298},"2025-12-16",0.77924,{"date":300,"score":176,"percentile":301},"2025-12-17",0.77934,{"date":303,"score":176,"percentile":304},"2025-12-18",0.77951,{"date":306,"score":176,"percentile":307},"2025-12-19",0.77964,{"date":309,"score":176,"percentile":310},"2025-12-20",0.77957,{"date":312,"score":176,"percentile":313},"2025-12-21",0.77952,{"date":315,"score":176,"percentile":316},"2025-12-22",0.77953,{"date":318,"score":176,"percentile":319},"2025-12-23",0.77955,{"date":321,"score":176,"percentile":322},"2025-12-24",0.77967,{"date":324,"score":176,"percentile":325},"2025-12-25",0.77987,{"date":327,"score":176,"percentile":328},"2025-12-26",0.77984,{"date":330,"score":176,"percentile":331},"2025-12-27",0.78032,{"date":333,"score":176,"percentile":334},"2025-12-28",0.77973,{"date":336,"score":176,"percentile":337},"2025-12-29",0.77969,{"date":339,"score":176,"percentile":340},"2025-12-30",0.77975,{"date":342,"score":176,"percentile":343},"2025-12-31",0.77988,{"date":345,"score":176,"percentile":346},"2026-01-01",0.78106,{"date":348,"score":176,"percentile":349},"2026-01-02",0.78107,{"date":351,"score":176,"percentile":352},"2026-01-03",0.78105,{"date":354,"score":176,"percentile":343},"2026-01-04",{"date":356,"score":176,"percentile":357},"2026-01-05",0.77981,{"date":359,"score":176,"percentile":360},"2026-01-06",0.77989,{"date":362,"score":176,"percentile":363},"2026-01-07",0.77994,{"date":365,"score":176,"percentile":366},"2026-01-08",0.78001,{"date":368,"score":176,"percentile":369},"2026-01-09",0.78005,{"date":371,"score":176,"percentile":369},"2026-01-10",{"date":373,"score":176,"percentile":374},"2026-01-11",0.77997,{"date":376,"score":176,"percentile":377},"2026-01-12",0.77983,{"date":379,"score":176,"percentile":380},"2026-01-13",0.77982,{"date":382,"score":176,"percentile":383},"2026-01-14",0.78004,{"date":385,"score":176,"percentile":386},"2026-01-15",0.78007,{"date":388,"score":176,"percentile":389},"2026-01-16",0.78016,{"date":391,"score":176,"percentile":392},"2026-01-17",0.78022,{"date":394,"score":176,"percentile":395},"2026-01-18",0.78017,{"date":397,"score":176,"percentile":398},"2026-01-19",0.78015,{"date":400,"score":176,"percentile":401},"2026-01-20",0.78008,{"date":403,"score":176,"percentile":404},"2026-01-21",0.78013,{"date":406,"score":176,"percentile":392},"2026-01-22",{"date":408,"score":176,"percentile":409},"2026-01-23",0.78048,{"date":411,"score":176,"percentile":412},"2026-01-24",0.7806,{"date":414,"score":176,"percentile":415},"2026-01-25",0.78052,{"date":417,"score":176,"percentile":409},"2026-01-26",{"date":419,"score":176,"percentile":420},"2026-01-27",0.78047,{"date":422,"score":176,"percentile":423},"2026-01-28",0.78051,{"date":425,"score":176,"percentile":409},"2026-01-29",{"date":427,"score":176,"percentile":415},"2026-01-30",{"date":429,"score":176,"percentile":430},"2026-01-31",0.78054,{"date":432,"score":176,"percentile":433},"2026-02-01",0.78165,[435],{"source":105,"cvss_v2_0":436,"cvss_v3_0":441,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":437,"baseSeverity":9,"vectorString":438,"impactScore":439,"exploitabilityScore":440},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":103,"baseSeverity":442,"vectorString":106,"impactScore":443,"exploitabilityScore":444},"HIGH",9.8,7.2,[446,457],{"ecosystem":9,"name":447,"vendor":448,"product":447,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":450},"chrome","google","a",[451],{"version":452,"is_range":453,"range_type":454,"version_start":9,"version_start_type":9,"version_end":455,"version_end_type":456,"fixed_in":9},"lte51.0.2704.106",true,"cpe","51.0.2704.106","including",{"ecosystem":9,"name":458,"vendor":448,"product":458,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":459},"sfntly",[460],{"version":461,"is_range":99,"range_type":454,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na"]