[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-9601":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":79,"aliases":80,"duplicate_of":9,"upstream":81,"downstream":82,"duplicates":105,"related":106,"reserved_at":9,"published_at":113,"modified_at":114,"state":115,"summary":116,"references_raw":125,"kevs":160,"epss":161,"epss_history":164,"metrics":426,"affected":443},"CVE-2016-9601","ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.",null,[11,68],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"_key":69,"id":69,"name":70,"description":71,"type":15,"status":16,"abstraction":72,"likelihood_of_exploit":73,"capec":74},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","Base","Medium",[75],{"id":76,"name":77,"techniques":78},"CAPEC-92","Forced Integer Overflow",[],[],[],[],[83,85,87,89,91,93,95,97,99,101,103],{"_key":84},"SUSE-SU-2017:1138-1",{"_key":86},"SUSE-SU-2017:1404-1",{"_key":88},"SUSE-SU-2018:1140-1",{"_key":90},"SUSE-SU-2018:1369-1",{"_key":92},"DLA-874-1",{"_key":94},"DSA-3817-1",{"_key":96},"MGASA-2017-0133",{"_key":98},"MGASA-2017-0206",{"_key":100},"UBUNTU-CVE-2016-9601",{"_key":102},"USN-3297-1",{"_key":104},"DEBIAN-CVE-2016-9601",[],[107,108,109,110,111,112],{"_key":84},{"_key":86},{"_key":88},{"_key":90},{"_key":96},{"_key":98},"2018-04-23T21:00:00.000Z","2024-08-06T02:59:02.237Z","Modified",{"cisa_kev":117,"cisa_ransomware":117,"cisa_vendor":9,"epss_severity":118,"epss_score":119,"severity":120,"severity_score":121,"severity_version":122,"severity_source":123,"severity_vector":124,"severity_status":115},false,"low",0.0045,"medium",5.5,"v3.0","nvd","CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",[126,134,140,145,151,156],{"url":127,"sources":128,"tags":130},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9601",[129,123],"cve.org",[131,132,133],"X Refsource MISC","Issue Tracking","Third Party Advisory",{"url":135,"sources":136,"tags":137},"http://www.securityfocus.com/bid/97095",[129,123],[138,139,133],"VDB Entry","X Refsource BID",{"url":141,"sources":142,"tags":143},"http://git.ghostscript.com/?p=jbig2dec.git%3Ba=commit%3Bh=e698d5c11d27212aa1098bc5b1673a3378563092",[129,123],[144],"X Refsource CONFIRM",{"url":146,"sources":147,"tags":148},"https://security.gentoo.org/glsa/201706-24",[129,123],[149,150,133],"Vendor Advisory","X Refsource GENTOO",{"url":152,"sources":153,"tags":154},"https://www.debian.org/security/2017/dsa-3817",[129,123],[149,155,133],"X Refsource DEBIAN",{"url":157,"sources":158,"tags":159},"https://bugs.ghostscript.com/show_bug.cgi?id=697457",[129,123],[144,132,133],[],{"date":162,"score":119,"percentile":163},"2026-06-05",0.64016,[165,168,171,174,177,180,183,186,189,192,195,198,200,203,205,208,211,214,217,220,223,226,229,232,235,238,240,243,246,249,252,254,257,260,263,265,267,270,273,276,279,282,285,288,291,294,297,300,303,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,387,390,393,395,398,401,404,406,409,411,414,417,420,423],{"date":166,"score":119,"percentile":167},"2025-11-04",0.62828,{"date":169,"score":119,"percentile":170},"2025-11-05",0.62811,{"date":172,"score":119,"percentile":173},"2025-11-06",0.62819,{"date":175,"score":119,"percentile":176},"2025-11-07",0.62835,{"date":178,"score":119,"percentile":179},"2025-11-08",0.62839,{"date":181,"score":119,"percentile":182},"2025-11-09",0.62833,{"date":184,"score":119,"percentile":185},"2025-11-10",0.62815,{"date":187,"score":119,"percentile":188},"2025-11-11",0.62827,{"date":190,"score":119,"percentile":191},"2025-11-12",0.6285,{"date":193,"score":119,"percentile":194},"2025-11-13",0.62856,{"date":196,"score":119,"percentile":197},"2025-11-14",0.62865,{"date":199,"score":119,"percentile":194},"2025-11-15",{"date":201,"score":119,"percentile":202},"2025-11-16",0.62847,{"date":204,"score":119,"percentile":202},"2025-11-17",{"date":206,"score":119,"percentile":207},"2025-11-18",0.60981,{"date":209,"score":119,"percentile":210},"2025-11-19",0.60992,{"date":212,"score":119,"percentile":213},"2025-11-20",0.60982,{"date":215,"score":119,"percentile":216},"2025-11-21",0.62857,{"date":218,"score":119,"percentile":219},"2025-11-22",0.62867,{"date":221,"score":119,"percentile":222},"2025-11-23",0.62846,{"date":224,"score":119,"percentile":225},"2025-11-24",0.6284,{"date":227,"score":119,"percentile":228},"2025-11-25",0.62845,{"date":230,"score":119,"percentile":231},"2025-11-26",0.62849,{"date":233,"score":119,"percentile":234},"2025-11-27",0.62854,{"date":236,"score":119,"percentile":237},"2025-11-28",0.62837,{"date":239,"score":119,"percentile":170},"2025-11-29",{"date":241,"score":119,"percentile":242},"2025-11-30",0.62803,{"date":244,"score":119,"percentile":245},"2025-12-01",0.62972,{"date":247,"score":119,"percentile":248},"2025-12-02",0.6299,{"date":250,"score":119,"percentile":251},"2025-12-03",0.62994,{"date":253,"score":119,"percentile":173},"2025-12-04",{"date":255,"score":119,"percentile":256},"2025-12-05",0.62832,{"date":258,"score":119,"percentile":259},"2025-12-06",0.62834,{"date":261,"score":119,"percentile":262},"2025-12-07",0.62826,{"date":264,"score":119,"percentile":182},"2025-12-08",{"date":266,"score":119,"percentile":219},"2025-12-09",{"date":268,"score":119,"percentile":269},"2025-12-10",0.6291,{"date":271,"score":119,"percentile":272},"2025-12-11",0.62926,{"date":274,"score":119,"percentile":275},"2025-12-12",0.62951,{"date":277,"score":119,"percentile":278},"2025-12-13",0.62958,{"date":280,"score":119,"percentile":281},"2025-12-14",0.62957,{"date":283,"score":119,"percentile":284},"2025-12-15",0.62948,{"date":286,"score":119,"percentile":287},"2025-12-16",0.62964,{"date":289,"score":119,"percentile":290},"2025-12-17",0.62976,{"date":292,"score":119,"percentile":293},"2025-12-18",0.63013,{"date":295,"score":119,"percentile":296},"2025-12-19",0.63029,{"date":298,"score":119,"percentile":299},"2025-12-20",0.63032,{"date":301,"score":119,"percentile":302},"2025-12-21",0.63023,{"date":304,"score":119,"percentile":293},"2025-12-22",{"date":306,"score":119,"percentile":307},"2025-12-23",0.63028,{"date":309,"score":119,"percentile":310},"2025-12-24",0.63035,{"date":312,"score":119,"percentile":313},"2025-12-25",0.63064,{"date":315,"score":119,"percentile":316},"2025-12-26",0.63062,{"date":318,"score":119,"percentile":319},"2025-12-27",0.63118,{"date":321,"score":119,"percentile":322},"2025-12-28",0.6304,{"date":324,"score":119,"percentile":325},"2025-12-29",0.63034,{"date":327,"score":119,"percentile":328},"2025-12-30",0.63049,{"date":330,"score":119,"percentile":331},"2025-12-31",0.6307,{"date":333,"score":119,"percentile":334},"2026-01-01",0.63257,{"date":336,"score":119,"percentile":337},"2026-01-02",0.63241,{"date":339,"score":119,"percentile":340},"2026-01-03",0.63239,{"date":342,"score":119,"percentile":343},"2026-01-04",0.63059,{"date":345,"score":119,"percentile":346},"2026-01-05",0.63058,{"date":348,"score":119,"percentile":349},"2026-01-06",0.63053,{"date":351,"score":119,"percentile":352},"2026-01-07",0.63074,{"date":354,"score":119,"percentile":355},"2026-01-08",0.63096,{"date":357,"score":119,"percentile":358},"2026-01-09",0.63098,{"date":360,"score":119,"percentile":361},"2026-01-10",0.63092,{"date":363,"score":119,"percentile":364},"2026-01-11",0.6308,{"date":366,"score":119,"percentile":367},"2026-01-12",0.6306,{"date":369,"score":119,"percentile":370},"2026-01-13",0.63056,{"date":372,"score":119,"percentile":373},"2026-01-14",0.631,{"date":375,"score":119,"percentile":376},"2026-01-15",0.63117,{"date":378,"score":119,"percentile":379},"2026-01-16",0.63135,{"date":381,"score":119,"percentile":382},"2026-01-17",0.63126,{"date":384,"score":385,"percentile":386},"2026-01-18",0.00426,0.61755,{"date":388,"score":385,"percentile":389},"2026-01-19",0.61737,{"date":391,"score":385,"percentile":392},"2026-01-20",0.61753,{"date":394,"score":385,"percentile":386},"2026-01-21",{"date":396,"score":385,"percentile":397},"2026-01-22",0.6176,{"date":399,"score":119,"percentile":400},"2026-01-23",0.63165,{"date":402,"score":119,"percentile":403},"2026-01-24",0.6317,{"date":405,"score":119,"percentile":379},"2026-01-25",{"date":407,"score":119,"percentile":408},"2026-01-26",0.63124,{"date":410,"score":119,"percentile":379},"2026-01-27",{"date":412,"score":119,"percentile":413},"2026-01-28",0.63145,{"date":415,"score":119,"percentile":416},"2026-01-29",0.63141,{"date":418,"score":119,"percentile":419},"2026-01-30",0.63147,{"date":421,"score":119,"percentile":422},"2026-01-31",0.63151,{"date":424,"score":119,"percentile":425},"2026-02-01",0.63292,[427,434],{"source":129,"cvss_v2_0":9,"cvss_v3_0":428,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":429,"baseSeverity":430,"vectorString":431,"impactScore":432,"exploitabilityScore":433},5.3,"MEDIUM","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",2.3,10,{"source":123,"cvss_v2_0":435,"cvss_v3_0":440,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":436,"baseSeverity":9,"vectorString":437,"impactScore":438,"exploitabilityScore":439},4.3,"AV:N/AC:M/Au:N/C:N/I:N/A:P",2.9,8.6,{"baseScore":121,"baseSeverity":430,"vectorString":124,"impactScore":441,"exploitabilityScore":442},6,4.6,[444,456,463,473],{"ecosystem":9,"name":445,"vendor":446,"product":447,"cpe_part":448,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":449},"gpl ghostscript","artifex","gpl_ghostscript","a",[450],{"version":451,"is_range":452,"range_type":453,"version_start":9,"version_start_type":9,"version_end":454,"version_end_type":455,"fixed_in":9},"lt9.21",true,"cpe","9.21","excluding",{"ecosystem":9,"name":457,"vendor":446,"product":457,"cpe_part":448,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":458},"jbig2dec",[459],{"version":460,"is_range":452,"range_type":453,"version_start":9,"version_start_type":9,"version_end":461,"version_end_type":462,"fixed_in":9},"lte0.13","0.13","including",{"ecosystem":9,"name":464,"vendor":465,"product":466,"cpe_part":467,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":468},"debian linux","debian","debian_linux","o",[469,471],{"version":470,"is_range":117,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":472,"is_range":117,"range_type":453,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":474,"vendor":475,"product":474,"cpe_part":448,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":476},"ghostscript","unspecified",[477],{"version":478,"is_range":117,"range_type":129,"version_start":478,"version_start_type":462,"version_end":478,"version_end_type":462,"fixed_in":9},"ghostscript 0.14"]