[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-5139":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":98,"related":99,"reserved_at":9,"published_at":106,"modified_at":107,"state":108,"summary":109,"references_raw":118,"kevs":188,"epss":189,"epss_history":192,"metrics":451,"affected":462},"CVE-2016-5139","Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96],{"_key":73},"RHSA-2016:1580",{"_key":75},"RHSA-2017:0559",{"_key":77},"RHSA-2017:0838",{"_key":79},"OPENSUSE-SU-2016:1982-1",{"_key":81},"OPENSUSE-SU-2016:1983-1",{"_key":83},"OPENSUSE-SU-2024:10171-1",{"_key":85},"OPENSUSE-SU-2024:12948-1",{"_key":87},"DLA-1433-1",{"_key":89},"DSA-3645-1",{"_key":91},"MGASA-2016-0279",{"_key":93},"MGASA-2017-0122",{"_key":95},"UBUNTU-CVE-2016-5139",{"_key":97},"DEBIAN-CVE-2016-5139",[],[100,101,102,103,104,105],{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":91},{"_key":93},"2016-08-07T19:00:00.000Z","2024-08-06T00:53:48.295Z","Modified",{"cisa_kev":110,"cisa_ransomware":110,"cisa_vendor":9,"epss_severity":111,"epss_score":112,"severity":113,"severity_score":114,"severity_version":115,"severity_source":116,"severity_vector":117,"severity_status":108},false,"low",0.01487,"high",7.6,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",[119,126,132,137,143,148,152,156,161,166,170,174,178,183],{"url":120,"sources":121,"tags":123},"https://lists.debian.org/debian-lts-announce/2018/07/msg00025.html",[122,116],"cve.org",[124,125],"Mailing List","X Refsource MLIST",{"url":127,"sources":128,"tags":129},"http://www.securityfocus.com/bid/92276",[122,116],[130,131],"VDB Entry","X Refsource BID",{"url":133,"sources":134,"tags":135},"https://crbug.com/625541",[122,116],[136],"X Refsource CONFIRM",{"url":138,"sources":139,"tags":140},"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.html",[122,116],[141,142],"Vendor Advisory","X Refsource SUSE",{"url":144,"sources":145,"tags":146},"http://rhn.redhat.com/errata/RHSA-2016-1580.html",[122,116],[141,147],"X Refsource REDHAT",{"url":149,"sources":150,"tags":151},"http://rhn.redhat.com/errata/RHSA-2017-0559.html",[122,116],[141,147],{"url":153,"sources":154,"tags":155},"http://rhn.redhat.com/errata/RHSA-2017-0838.html",[122,116],[141,147],{"url":157,"sources":158,"tags":159},"http://www.securitytracker.com/id/1036547",[122,116],[130,160],"X Refsource SECTRACK",{"url":162,"sources":163,"tags":164},"https://security.gentoo.org/glsa/201610-09",[122,116],[141,165],"X Refsource GENTOO",{"url":167,"sources":168,"tags":169},"https://codereview.chromium.org/2124073003",[122,116],[136],{"url":171,"sources":172,"tags":173},"http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html",[122,116],[136],{"url":175,"sources":176,"tags":177},"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.html",[122,116],[141,142],{"url":179,"sources":180,"tags":181},"http://www.debian.org/security/2016/dsa-3645",[122,116],[141,182],"X Refsource DEBIAN",{"url":184,"sources":185,"tags":186},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KMX62M7UNRLWO4FEQ6YIMPMTKXXJV6A/",[122,116],[141,187],"X Refsource FEDORA",[],{"date":190,"score":112,"percentile":191},"2026-06-04",0.81365,[193,197,200,203,206,209,211,214,216,219,222,225,228,230,232,235,238,241,244,247,250,253,256,259,262,264,266,269,272,275,278,280,283,286,289,292,295,298,301,304,307,310,312,314,317,320,323,326,329,332,334,337,340,343,346,349,352,355,358,361,364,367,370,373,376,378,381,384,387,390,393,395,398,401,404,407,410,413,416,419,422,425,428,431,434,437,439,442,445,448],{"date":194,"score":195,"percentile":196},"2025-11-04",0.01279,0.78911,{"date":198,"score":195,"percentile":199},"2025-11-05",0.7891,{"date":201,"score":195,"percentile":202},"2025-11-06",0.78908,{"date":204,"score":195,"percentile":205},"2025-11-07",0.7892,{"date":207,"score":195,"percentile":208},"2025-11-08",0.78926,{"date":210,"score":195,"percentile":205},"2025-11-09",{"date":212,"score":195,"percentile":213},"2025-11-10",0.78907,{"date":215,"score":195,"percentile":199},"2025-11-11",{"date":217,"score":195,"percentile":218},"2025-11-12",0.78927,{"date":220,"score":195,"percentile":221},"2025-11-13",0.78937,{"date":223,"score":195,"percentile":224},"2025-11-14",0.78943,{"date":226,"score":195,"percentile":227},"2025-11-15",0.78942,{"date":229,"score":195,"percentile":224},"2025-11-16",{"date":231,"score":195,"percentile":221},"2025-11-17",{"date":233,"score":195,"percentile":234},"2025-11-18",0.77827,{"date":236,"score":195,"percentile":237},"2025-11-19",0.77834,{"date":239,"score":195,"percentile":240},"2025-11-20",0.7784,{"date":242,"score":195,"percentile":243},"2025-11-21",0.78962,{"date":245,"score":195,"percentile":246},"2025-11-22",0.78964,{"date":248,"score":195,"percentile":249},"2025-11-23",0.78953,{"date":251,"score":195,"percentile":252},"2025-11-24",0.78951,{"date":254,"score":195,"percentile":255},"2025-11-25",0.78956,{"date":257,"score":195,"percentile":258},"2025-11-26",0.78958,{"date":260,"score":195,"percentile":261},"2025-11-27",0.78961,{"date":263,"score":195,"percentile":249},"2025-11-28",{"date":265,"score":195,"percentile":261},"2025-11-29",{"date":267,"score":195,"percentile":268},"2025-11-30",0.7896,{"date":270,"score":195,"percentile":271},"2025-12-01",0.79052,{"date":273,"score":195,"percentile":274},"2025-12-02",0.79054,{"date":276,"score":195,"percentile":277},"2025-12-03",0.79053,{"date":279,"score":195,"percentile":268},"2025-12-04",{"date":281,"score":195,"percentile":282},"2025-12-05",0.78966,{"date":284,"score":195,"percentile":285},"2025-12-06",0.78967,{"date":287,"score":195,"percentile":288},"2025-12-07",0.78968,{"date":290,"score":195,"percentile":291},"2025-12-08",0.78971,{"date":293,"score":195,"percentile":294},"2025-12-09",0.78988,{"date":296,"score":195,"percentile":297},"2025-12-10",0.7901,{"date":299,"score":195,"percentile":300},"2025-12-11",0.79025,{"date":302,"score":195,"percentile":303},"2025-12-12",0.79044,{"date":305,"score":195,"percentile":306},"2025-12-13",0.79045,{"date":308,"score":195,"percentile":309},"2025-12-14",0.79043,{"date":311,"score":195,"percentile":309},"2025-12-15",{"date":313,"score":195,"percentile":277},"2025-12-16",{"date":315,"score":195,"percentile":316},"2025-12-17",0.7906,{"date":318,"score":195,"percentile":319},"2025-12-18",0.79079,{"date":321,"score":195,"percentile":322},"2025-12-19",0.7909,{"date":324,"score":195,"percentile":325},"2025-12-20",0.79084,{"date":327,"score":195,"percentile":328},"2025-12-21",0.79078,{"date":330,"score":195,"percentile":331},"2025-12-22",0.79081,{"date":333,"score":195,"percentile":331},"2025-12-23",{"date":335,"score":195,"percentile":336},"2025-12-24",0.79095,{"date":338,"score":195,"percentile":339},"2025-12-25",0.79114,{"date":341,"score":195,"percentile":342},"2025-12-26",0.79111,{"date":344,"score":195,"percentile":345},"2025-12-27",0.79162,{"date":347,"score":195,"percentile":348},"2025-12-28",0.79101,{"date":350,"score":195,"percentile":351},"2025-12-29",0.79096,{"date":353,"score":195,"percentile":354},"2025-12-30",0.79103,{"date":356,"score":195,"percentile":357},"2025-12-31",0.7912,{"date":359,"score":195,"percentile":360},"2026-01-01",0.79216,{"date":362,"score":195,"percentile":363},"2026-01-02",0.79214,{"date":365,"score":195,"percentile":366},"2026-01-03",0.79211,{"date":368,"score":195,"percentile":369},"2026-01-04",0.79112,{"date":371,"score":195,"percentile":372},"2026-01-05",0.79108,{"date":374,"score":195,"percentile":375},"2026-01-06",0.79113,{"date":377,"score":195,"percentile":357},"2026-01-07",{"date":379,"score":195,"percentile":380},"2026-01-08",0.79131,{"date":382,"score":195,"percentile":383},"2026-01-09",0.79133,{"date":385,"score":195,"percentile":386},"2026-01-10",0.79135,{"date":388,"score":195,"percentile":389},"2026-01-11",0.79129,{"date":391,"score":195,"percentile":392},"2026-01-12",0.79115,{"date":394,"score":195,"percentile":342},"2026-01-13",{"date":396,"score":195,"percentile":397},"2026-01-14",0.79132,{"date":399,"score":195,"percentile":400},"2026-01-15",0.79134,{"date":402,"score":195,"percentile":403},"2026-01-16",0.7914,{"date":405,"score":195,"percentile":406},"2026-01-17",0.79149,{"date":408,"score":195,"percentile":409},"2026-01-18",0.79145,{"date":411,"score":195,"percentile":412},"2026-01-19",0.79138,{"date":414,"score":195,"percentile":415},"2026-01-20",0.79136,{"date":417,"score":195,"percentile":418},"2026-01-21",0.79142,{"date":420,"score":195,"percentile":421},"2026-01-22",0.79152,{"date":423,"score":195,"percentile":424},"2026-01-23",0.7918,{"date":426,"score":195,"percentile":427},"2026-01-24",0.7919,{"date":429,"score":195,"percentile":430},"2026-01-25",0.79183,{"date":432,"score":195,"percentile":433},"2026-01-26",0.79179,{"date":435,"score":195,"percentile":436},"2026-01-27",0.79178,{"date":438,"score":195,"percentile":436},"2026-01-28",{"date":440,"score":195,"percentile":441},"2026-01-29",0.79174,{"date":443,"score":195,"percentile":444},"2026-01-30",0.79176,{"date":446,"score":195,"percentile":447},"2026-01-31",0.79181,{"date":449,"score":195,"percentile":450},"2026-02-01",0.79277,[452],{"source":116,"cvss_v2_0":453,"cvss_v3_0":458,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":454,"baseSeverity":9,"vectorString":455,"impactScore":456,"exploitabilityScore":457},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":114,"baseSeverity":459,"vectorString":117,"impactScore":460,"exploitabilityScore":461},"HIGH",7.8,7.2,[463],{"ecosystem":9,"name":464,"vendor":465,"product":466,"cpe_part":467,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":468},"Chrome","google","chrome","a",[469],{"version":470,"is_range":110,"range_type":471,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"52.0.2743.82","cpe"]