Search for vulnerabilities
Vulnerability details: VCID-bez4-avz6-ske4
Vulnerability ID VCID-bez4-avz6-ske4
Aliases CVE-2016-1969
Summary Security researcher James Clawson used the Address Sanitizer tool to discover an out-of-bounds write in the Graphite 2 library when loading a crafted Graphite font file. This results in a potentially exploitable crash.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.63651
EPSS Score 0.00472
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:10:13.230089+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2016/mfsa2016-38.md 37.0.0