[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-2791":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":112,"related":113,"reserved_at":9,"published_at":124,"modified_at":125,"state":126,"summary":127,"references_raw":136,"kevs":253,"epss":254,"epss_history":257,"metrics":519,"affected":530},"CVE-2016-2791","The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110],{"_key":73},"RHSA-2016:0373",{"_key":75},"RHSA-2016:0460",{"_key":77},"OPENSUSE-SU-2024:10071-1",{"_key":79},"SUSE-SU-2016:0727-1",{"_key":81},"SUSE-SU-2016:0777-1",{"_key":83},"SUSE-SU-2016:0909-1",{"_key":85},"OPENSUSE-SU-2016:1769-1",{"_key":87},"OPENSUSE-SU-2016:1778-1",{"_key":89},"OPENSUSE-SU-2024:10230-1",{"_key":91},"DSA-3510-1",{"_key":93},"DSA-3515-1",{"_key":95},"DSA-3520-1",{"_key":97},"MGASA-2016-0097",{"_key":99},"MGASA-2016-0105",{"_key":101},"MGASA-2016-0115",{"_key":103},"UBUNTU-CVE-2016-2791",{"_key":105},"USN-2917-1",{"_key":107},"USN-2927-1",{"_key":109},"USN-2934-1",{"_key":111},"DEBIAN-CVE-2016-2791",[],[114,115,116,117,118,119,120,121,122,123],{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":97},{"_key":99},{"_key":101},"2016-03-13T18:00:00.000Z","2024-08-05T23:32:21.192Z","Modified",{"cisa_kev":128,"cisa_ransomware":128,"cisa_vendor":9,"epss_severity":129,"epss_score":130,"severity":131,"severity_score":132,"severity_version":133,"severity_source":134,"severity_vector":135,"severity_status":126},false,"low",0.00565,"high",8.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[137,145,151,155,159,164,168,172,176,180,185,189,194,198,202,206,210,214,219,223,228,232,236,241,245,249],{"url":138,"sources":139,"tags":141},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html",[140,134],"cve.org",[142,143,144],"Vendor Advisory","X Refsource SUSE","Third Party Advisory",{"url":146,"sources":147,"tags":148},"http://www.securityfocus.com/bid/84222",[140,134],[149,150],"VDB Entry","X Refsource BID",{"url":152,"sources":153,"tags":154},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html",[140,134],[142,143],{"url":156,"sources":157,"tags":158},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html",[140,134],[142,143,144],{"url":160,"sources":161,"tags":162},"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",[140,134],[163,144],"X Refsource CONFIRM",{"url":165,"sources":166,"tags":167},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html",[140,134],[142,143],{"url":169,"sources":170,"tags":171},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html",[140,134],[142,143],{"url":173,"sources":174,"tags":175},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html",[140,134],[142,143,144],{"url":177,"sources":178,"tags":179},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html",[140,134],[142,143],{"url":181,"sources":182,"tags":183},"http://www.ubuntu.com/usn/USN-2917-1",[140,134],[142,184],"X Refsource UBUNTU",{"url":186,"sources":187,"tags":188},"http://www.ubuntu.com/usn/USN-2927-1",[140,134],[142,184],{"url":190,"sources":191,"tags":192},"http://www.debian.org/security/2016/dsa-3520",[140,134],[142,193],"X Refsource DEBIAN",{"url":195,"sources":196,"tags":197},"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html",[140,134],[142,143,144],{"url":199,"sources":200,"tags":201},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html",[140,134],[142,143],{"url":203,"sources":204,"tags":205},"http://www.debian.org/security/2016/dsa-3510",[140,134],[142,193],{"url":207,"sources":208,"tags":209},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html",[140,134],[142,143],{"url":211,"sources":212,"tags":213},"http://www.mozilla.org/security/announce/2016/mfsa2016-37.html",[140,134],[163,142],{"url":215,"sources":216,"tags":217},"http://www.securitytracker.com/id/1035215",[140,134],[149,218],"X Refsource SECTRACK",{"url":220,"sources":221,"tags":222},"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html",[140,134],[142,143],{"url":224,"sources":225,"tags":226},"https://security.gentoo.org/glsa/201605-06",[140,134],[142,227],"X Refsource GENTOO",{"url":229,"sources":230,"tags":231},"http://www.debian.org/security/2016/dsa-3515",[140,134],[142,193],{"url":233,"sources":234,"tags":235},"http://www.ubuntu.com/usn/USN-2934-1",[140,134],[142,184],{"url":237,"sources":238,"tags":239},"https://bugzilla.mozilla.org/show_bug.cgi?id=1243473",[140,134],[163,240],"Issue Tracking",{"url":242,"sources":243,"tags":244},"https://security.gentoo.org/glsa/201701-63",[140,134],[142,227],{"url":246,"sources":247,"tags":248},"http://www.ubuntu.com/usn/USN-2917-2",[140,134],[142,184],{"url":250,"sources":251,"tags":252},"http://www.ubuntu.com/usn/USN-2917-3",[140,134],[142,184],[],{"date":255,"score":130,"percentile":256},"2026-06-04",0.68793,[258,262,265,268,271,273,276,278,281,284,287,290,293,296,298,301,304,307,310,313,316,319,322,325,328,330,333,336,339,342,345,347,350,352,354,357,360,363,366,369,372,374,377,380,383,386,389,392,395,398,401,404,407,410,413,416,418,421,424,427,430,433,436,439,442,445,448,451,454,457,460,462,465,468,471,474,477,480,483,486,489,492,495,498,501,504,507,510,513,516],{"date":259,"score":260,"percentile":261},"2025-11-04",0.00787,0.73051,{"date":263,"score":260,"percentile":264},"2025-11-05",0.73038,{"date":266,"score":260,"percentile":267},"2025-11-06",0.73037,{"date":269,"score":260,"percentile":270},"2025-11-07",0.73055,{"date":272,"score":260,"percentile":270},"2025-11-08",{"date":274,"score":260,"percentile":275},"2025-11-09",0.73048,{"date":277,"score":260,"percentile":267},"2025-11-10",{"date":279,"score":260,"percentile":280},"2025-11-11",0.73042,{"date":282,"score":260,"percentile":283},"2025-11-12",0.7306,{"date":285,"score":260,"percentile":286},"2025-11-13",0.73065,{"date":288,"score":260,"percentile":289},"2025-11-14",0.73071,{"date":291,"score":260,"percentile":292},"2025-11-15",0.7307,{"date":294,"score":260,"percentile":295},"2025-11-16",0.73066,{"date":297,"score":260,"percentile":283},"2025-11-17",{"date":299,"score":260,"percentile":300},"2025-11-18",0.71704,{"date":302,"score":260,"percentile":303},"2025-11-19",0.71711,{"date":305,"score":260,"percentile":306},"2025-11-20",0.71719,{"date":308,"score":260,"percentile":309},"2025-11-21",0.73077,{"date":311,"score":260,"percentile":312},"2025-11-22",0.73074,{"date":314,"score":260,"percentile":315},"2025-11-23",0.73056,{"date":317,"score":260,"percentile":318},"2025-11-24",0.7305,{"date":320,"score":260,"percentile":321},"2025-11-25",0.73053,{"date":323,"score":260,"percentile":324},"2025-11-26",0.73058,{"date":326,"score":260,"percentile":327},"2025-11-27",0.73061,{"date":329,"score":260,"percentile":321},"2025-11-28",{"date":331,"score":260,"percentile":332},"2025-11-29",0.73045,{"date":334,"score":260,"percentile":335},"2025-11-30",0.73039,{"date":337,"score":260,"percentile":338},"2025-12-01",0.7317,{"date":340,"score":260,"percentile":341},"2025-12-02",0.7318,{"date":343,"score":260,"percentile":344},"2025-12-03",0.73179,{"date":346,"score":260,"percentile":318},"2025-12-04",{"date":348,"score":260,"percentile":349},"2025-12-05",0.73057,{"date":351,"score":260,"percentile":315},"2025-12-06",{"date":353,"score":260,"percentile":283},"2025-12-07",{"date":355,"score":260,"percentile":356},"2025-12-08",0.73064,{"date":358,"score":260,"percentile":359},"2025-12-09",0.73092,{"date":361,"score":260,"percentile":362},"2025-12-10",0.73124,{"date":364,"score":260,"percentile":365},"2025-12-11",0.73142,{"date":367,"score":260,"percentile":368},"2025-12-12",0.73165,{"date":370,"score":260,"percentile":371},"2025-12-13",0.73171,{"date":373,"score":260,"percentile":371},"2025-12-14",{"date":375,"score":260,"percentile":376},"2025-12-15",0.73172,{"date":378,"score":260,"percentile":379},"2025-12-16",0.73182,{"date":381,"score":260,"percentile":382},"2025-12-17",0.73193,{"date":384,"score":260,"percentile":385},"2025-12-18",0.73214,{"date":387,"score":260,"percentile":388},"2025-12-19",0.73232,{"date":390,"score":260,"percentile":391},"2025-12-20",0.73233,{"date":393,"score":260,"percentile":394},"2025-12-21",0.73227,{"date":396,"score":260,"percentile":397},"2025-12-22",0.73225,{"date":399,"score":260,"percentile":400},"2025-12-23",0.73216,{"date":402,"score":260,"percentile":403},"2025-12-24",0.73226,{"date":405,"score":260,"percentile":406},"2025-12-25",0.73253,{"date":408,"score":260,"percentile":409},"2025-12-26",0.73254,{"date":411,"score":260,"percentile":412},"2025-12-27",0.73268,{"date":414,"score":260,"percentile":415},"2025-12-28",0.73229,{"date":417,"score":260,"percentile":397},"2025-12-29",{"date":419,"score":260,"percentile":420},"2025-12-30",0.73241,{"date":422,"score":260,"percentile":423},"2025-12-31",0.7327,{"date":425,"score":260,"percentile":426},"2026-01-01",0.73421,{"date":428,"score":260,"percentile":429},"2026-01-02",0.7342,{"date":431,"score":260,"percentile":432},"2026-01-03",0.73419,{"date":434,"score":260,"percentile":435},"2026-01-04",0.73282,{"date":437,"score":260,"percentile":438},"2026-01-05",0.73273,{"date":440,"score":260,"percentile":441},"2026-01-06",0.73286,{"date":443,"score":260,"percentile":444},"2026-01-07",0.73296,{"date":446,"score":260,"percentile":447},"2026-01-08",0.73305,{"date":449,"score":260,"percentile":450},"2026-01-09",0.73308,{"date":452,"score":260,"percentile":453},"2026-01-10",0.73304,{"date":455,"score":260,"percentile":456},"2026-01-11",0.73294,{"date":458,"score":260,"percentile":459},"2026-01-12",0.73284,{"date":461,"score":260,"percentile":435},"2026-01-13",{"date":463,"score":260,"percentile":464},"2026-01-14",0.73309,{"date":466,"score":260,"percentile":467},"2026-01-15",0.73317,{"date":469,"score":260,"percentile":470},"2026-01-16",0.73334,{"date":472,"score":260,"percentile":473},"2026-01-17",0.73331,{"date":475,"score":260,"percentile":476},"2026-01-18",0.73307,{"date":478,"score":130,"percentile":479},"2026-01-19",0.67795,{"date":481,"score":130,"percentile":482},"2026-01-20",0.67805,{"date":484,"score":130,"percentile":485},"2026-01-21",0.67814,{"date":487,"score":130,"percentile":488},"2026-01-22",0.67825,{"date":490,"score":130,"percentile":491},"2026-01-23",0.67854,{"date":493,"score":130,"percentile":494},"2026-01-24",0.67864,{"date":496,"score":130,"percentile":497},"2026-01-25",0.67833,{"date":499,"score":130,"percentile":500},"2026-01-26",0.67824,{"date":502,"score":130,"percentile":503},"2026-01-27",0.67832,{"date":505,"score":130,"percentile":506},"2026-01-28",0.67843,{"date":508,"score":130,"percentile":509},"2026-01-29",0.67839,{"date":511,"score":130,"percentile":512},"2026-01-30",0.67846,{"date":514,"score":130,"percentile":515},"2026-01-31",0.67849,{"date":517,"score":130,"percentile":518},"2026-02-01",0.68001,[520],{"source":134,"cvss_v2_0":521,"cvss_v3_0":526,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":522,"baseSeverity":9,"vectorString":523,"impactScore":524,"exploitabilityScore":525},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":132,"baseSeverity":527,"vectorString":135,"impactScore":528,"exploitabilityScore":529},"HIGH",9.8,7.2,[531,568,575,581,591,598],{"ecosystem":9,"name":532,"vendor":533,"product":532,"cpe_part":534,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":535},"firefox","mozilla","a",[536,542,544,546,548,550,552,554,556,558,560,562,564,566],{"version":537,"is_range":538,"range_type":539,"version_start":9,"version_start_type":9,"version_end":540,"version_end_type":541,"fixed_in":9},"lte44.0.2",true,"cpe","44.0.2","including",{"version":543,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0",{"version":545,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.1",{"version":547,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.5",{"version":549,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.0",{"version":551,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.1",{"version":553,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.2.0",{"version":555,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.2.1",{"version":557,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.3.0",{"version":559,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.4.0",{"version":561,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.5.0",{"version":563,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.5.1",{"version":565,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.6.0",{"version":567,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.6.1",{"ecosystem":9,"name":569,"vendor":570,"product":569,"cpe_part":571,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":572},"leap","opensuse","o",[573],{"version":574,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.1",{"ecosystem":9,"name":570,"vendor":570,"product":570,"cpe_part":571,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":576},[577,579],{"version":578,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.1",{"version":580,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.2",{"ecosystem":9,"name":582,"vendor":583,"product":582,"cpe_part":571,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":584},"linux","oracle",[585,587,589],{"version":586,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0",{"version":588,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6",{"version":590,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7",{"ecosystem":9,"name":592,"vendor":593,"product":592,"cpe_part":534,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":594},"graphite2","sil",[595],{"version":596,"is_range":538,"range_type":539,"version_start":9,"version_start_type":9,"version_end":597,"version_end_type":541,"fixed_in":9},"lte1.3.5","1.3.5",{"ecosystem":9,"name":599,"vendor":600,"product":601,"cpe_part":571,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":602},"linux enterprise","suse","linux_enterprise",[603],{"version":604,"is_range":128,"range_type":539,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0"]