Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/940733?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "texlive-bin", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2005.dfsg.2-1", "latest_non_vulnerable_version": "2023.20230311.66589-9", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276516?format=api", "vulnerability_id": "VCID-15kj-emtf-vbag", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35065", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37886", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35065" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35065.md", "reference_id": "CVE-2022-35065.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:42:17Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35065.md" }, { "reference_url": "https://drive.google.com/file/d/1emVd7wtL-kIhpSrl0ynkuci2KsSnaoO9/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:42:17Z/" } ], "url": "https://drive.google.com/file/d/1emVd7wtL-kIhpSrl0ynkuci2KsSnaoO9/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35065" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-15kj-emtf-vbag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276515?format=api", "vulnerability_id": "VCID-22hs-pt9p-fbdn", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adcdb in __asan_memset.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35064" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35064.md", "reference_id": "CVE-2022-35064.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:48:05Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35064.md" }, { "reference_url": "https://drive.google.com/file/d/1btOL19V9nmB4BCUBSQ2fViABe3tMZ8mp/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:48:05Z/" } ], "url": "https://drive.google.com/file/d/1btOL19V9nmB4BCUBSQ2fViABe3tMZ8mp/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35064" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22hs-pt9p-fbdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276514?format=api", "vulnerability_id": "VCID-24vd-syhs-gbhc", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41a8.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35063", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35063" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35063.md", "reference_id": "CVE-2022-35063.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:49:46Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35063.md" }, { "reference_url": "https://drive.google.com/file/d/1VW_6SXTGWABHMqW6m-hpfpbedaJFFG5b/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:49:46Z/" } ], "url": "https://drive.google.com/file/d/1VW_6SXTGWABHMqW6m-hpfpbedaJFFG5b/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35063" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24vd-syhs-gbhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276495?format=api", "vulnerability_id": "VCID-261q-t1h8-bufj", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c08a6.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35043", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59061", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59083", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59098", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.6035", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35043" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35043.md", "reference_id": "CVE-2022-35043.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:00:56Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35043.md" }, { "reference_url": "https://drive.google.com/file/d/14CXldgbsymRm_4PkWmuVSIvliOiG2rOa/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:00:56Z/" } ], "url": "https://drive.google.com/file/d/14CXldgbsymRm_4PkWmuVSIvliOiG2rOa/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35043" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-261q-t1h8-bufj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276705?format=api", "vulnerability_id": "VCID-2pzz-h5vd-wyah", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /x86_64-linux-gnu/libc.so.6+0xbb384.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35469", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51866", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35469" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35469" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2pzz-h5vd-wyah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276505?format=api", "vulnerability_id": "VCID-2unr-76q5-y7aw", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x61731f.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54045", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55628", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5559", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55618", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35053" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35053.md", "reference_id": "CVE-2022-35053.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:00:11Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35053.md" }, { "reference_url": "https://drive.google.com/file/d/1frfdVcR0UJVO-vKDLb19yWQgeTqdeohJ/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:00:11Z/" } ], "url": "https://drive.google.com/file/d/1frfdVcR0UJVO-vKDLb19yWQgeTqdeohJ/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35053" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2unr-76q5-y7aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276710?format=api", "vulnerability_id": "VCID-3a9d-3kme-73d2", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b544e.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35474" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35474" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3a9d-3kme-73d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276488?format=api", "vulnerability_id": "VCID-3v18-r2f3-1qdv", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e1fc8.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53455", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35036" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35036.md", "reference_id": "CVE-2022-35036.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:06:52Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35036.md" }, { "reference_url": "https://drive.google.com/file/d/1tcZhjgZse-a8W6vOiBmdQhxtAVr2xyK0/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:06:52Z/" } ], "url": "https://drive.google.com/file/d/1tcZhjgZse-a8W6vOiBmdQhxtAVr2xyK0/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35036" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3v18-r2f3-1qdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276490?format=api", "vulnerability_id": "VCID-4cy9-447q-mbf3", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b064d.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48484", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48507", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48481", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48459", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48482", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48489", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35038" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35038.md", "reference_id": "CVE-2022-35038.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:08:21Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35038.md" }, { "reference_url": "https://drive.google.com/file/d/1jhHvfkoD7fuMWbrhYxbOnJaSeW-Y2lKI/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:08:21Z/" } ], "url": "https://drive.google.com/file/d/1jhHvfkoD7fuMWbrhYxbOnJaSeW-Y2lKI/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35038" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4cy9-447q-mbf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276491?format=api", "vulnerability_id": "VCID-4f2u-sskp-zkhu", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e20a0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.6035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60291", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60284", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60334", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35039" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35039.md", "reference_id": "CVE-2022-35039.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:07:36Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35039.md" }, { "reference_url": "https://drive.google.com/file/d/1EEF3Qb6qqaQrSdkxuaTLJB92bCfSi3od/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:07:36Z/" } ], "url": "https://drive.google.com/file/d/1EEF3Qb6qqaQrSdkxuaTLJB92bCfSi3od/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35039" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4f2u-sskp-zkhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276720?format=api", "vulnerability_id": "VCID-4ses-k1k7-9ycz", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37886", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37825", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35485" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35485" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ses-k1k7-9ycz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276693?format=api", "vulnerability_id": "VCID-4z3j-9yy6-u3eb", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x617087.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35456" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35456" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4z3j-9yy6-u3eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3717?format=api", "vulnerability_id": "VCID-4zzy-q5zp-jkgm", "summary": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81381", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.8131", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81319", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81341", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81368", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81373", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81394", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697", "reference_id": "531697", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936", "reference_id": "551936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919", "reference_id": "560919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920", "reference_id": "560920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921", "reference_id": "560921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922", "reference_id": "560922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926", "reference_id": "560926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927", "reference_id": "560927", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928", "reference_id": "560928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929", "reference_id": "560929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930", "reference_id": "560930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935", "reference_id": "560935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936", "reference_id": "560936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937", "reference_id": "560937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940", "reference_id": "560940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942", "reference_id": "560942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950", "reference_id": "560950", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053", "reference_id": "601053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3720.json", "reference_id": "CVE-2009-3720", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3720.json" }, { "reference_url": "https://security.gentoo.org/glsa/201209-06", "reference_id": "GLSA-201209-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1572", "reference_id": "RHSA-2009:1572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1625", "reference_id": "RHSA-2009:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0002", "reference_id": "RHSA-2010:0002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0491", "reference_id": "RHSA-2011:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0492", "reference_id": "RHSA-2011:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" }, { "reference_url": "https://usn.ubuntu.com/890-2/", "reference_id": "USN-890-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-2/" }, { "reference_url": "https://usn.ubuntu.com/890-3/", "reference_id": "USN-890-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-3/" }, { "reference_url": "https://usn.ubuntu.com/890-4/", "reference_id": "USN-890-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-4/" }, { "reference_url": "https://usn.ubuntu.com/890-5/", "reference_id": "USN-890-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-5/" }, { "reference_url": "https://usn.ubuntu.com/890-6/", "reference_id": "USN-890-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-6/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940726?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940730?format=api", "purl": "pkg:deb/debian/texlive-bin@2024.20240313.70630%2Bds-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2024.20240313.70630%252Bds-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940729?format=api", "purl": "pkg:deb/debian/texlive-bin@2025.20250727.75242%2Bds-5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2025.20250727.75242%252Bds-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3720" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzy-q5zp-jkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276706?format=api", "vulnerability_id": "VCID-5p9e-n6p5-mudd", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x65fc97.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35470", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35470" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35470" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5p9e-n6p5-mudd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276707?format=api", "vulnerability_id": "VCID-6fwt-gfj6-j7av", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35471", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35471" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35471" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fwt-gfj6-j7av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276684?format=api", "vulnerability_id": "VCID-72m2-st3u-uyfm", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b04de.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35447" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35447" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72m2-st3u-uyfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276685?format=api", "vulnerability_id": "VCID-76vf-yebs-mkg8", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b55af.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35448" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35448" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76vf-yebs-mkg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276517?format=api", "vulnerability_id": "VCID-7x9j-31fq-hkg2", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b8.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53455", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35066" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35066.md", "reference_id": "CVE-2022-35066.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:36:19Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35066.md" }, { "reference_url": "https://drive.google.com/file/d/1zUk2e65kK-htzApaQZguAQgT6nqq4S7J/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:36:19Z/" } ], "url": "https://drive.google.com/file/d/1zUk2e65kK-htzApaQZguAQgT6nqq4S7J/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35066" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7x9j-31fq-hkg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276696?format=api", "vulnerability_id": "VCID-86bc-apbh-sbbn", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x61731f.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35460" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35460" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86bc-apbh-sbbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276701?format=api", "vulnerability_id": "VCID-88vn-jepe-33c1", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0414.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35465", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35465" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35465" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88vn-jepe-33c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276476?format=api", "vulnerability_id": "VCID-8qwb-455y-bbcp", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x86_64-linux-gnu/libc.so.6+0xbb384.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51819", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5187", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51781", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51806", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51822", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35023" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35023.md", "reference_id": "CVE-2022-35023.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:06:40Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35023.md" }, { "reference_url": "https://drive.google.com/file/d/17O7YeqDeVdrBJ1doBw46AvPIwQyYu0wM/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:06:40Z/" } ], "url": "https://drive.google.com/file/d/17O7YeqDeVdrBJ1doBw46AvPIwQyYu0wM/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35023" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qwb-455y-bbcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276487?format=api", "vulnerability_id": "VCID-8xnh-5jb4-uygz", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b559f.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53455", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35035" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35035.md", "reference_id": "CVE-2022-35035.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:07:34Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35035.md" }, { "reference_url": "https://drive.google.com/file/d/1sRs48QDA0PSTYLUdkGyh_tvqs61yXNi7/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:07:34Z/" } ], "url": "https://drive.google.com/file/d/1sRs48QDA0PSTYLUdkGyh_tvqs61yXNi7/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35035" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xnh-5jb4-uygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276496?format=api", "vulnerability_id": "VCID-911d-pbx5-4qge", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x617087.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59061", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59083", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59098", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.6035", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35044" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35044.md", "reference_id": "CVE-2022-35044.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:00:36Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35044.md" }, { "reference_url": "https://drive.google.com/file/d/1A9LlI9ioeAnoZjA_9c7WQbckV8gCiVIn/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:00:36Z/" } ], "url": "https://drive.google.com/file/d/1A9LlI9ioeAnoZjA_9c7WQbckV8gCiVIn/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35044" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-911d-pbx5-4qge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57880?format=api", "vulnerability_id": "VCID-94qj-jzse-vuhv", "summary": "This GLSA contains notification of vulnerabilities found in several\n Gentoo packages which have been fixed prior to January 1, 2011. The worst\n of these vulnerabilities could lead to local privilege escalation and\n remote code execution. Please see the package list and CVE identifiers\n below for more information.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041587.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041587.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0829.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0829.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89756", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89715", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89718", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89732", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89734", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89752", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89758", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89765", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0504", "scoring_system": "epss", "scoring_elements": "0.89763", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829" }, { "reference_url": "http://secunia.com/advisories/39914", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/39914" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9718" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2048", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2010/dsa-2048" }, { "reference_url": "http://www.ubuntu.com/usn/USN-936-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-936-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1219" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=573999", "reference_id": "573999", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=573999" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580628", "reference_id": "580628", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580628" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jan-ake_larsson:dvipng:1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jan-ake_larsson:dvipng:1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jan-ake_larsson:dvipng:1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jan-ake_larsson:dvipng:1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jan-ake_larsson:dvipng:1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jan-ake_larsson:dvipng:1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0829", "reference_id": "CVE-2010-0829", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0829" }, { "reference_url": "https://security.gentoo.org/glsa/201412-08", "reference_id": "GLSA-201412-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/936-1/", "reference_id": "USN-936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940726?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940730?format=api", "purl": "pkg:deb/debian/texlive-bin@2024.20240313.70630%2Bds-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2024.20240313.70630%252Bds-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940729?format=api", "purl": "pkg:deb/debian/texlive-bin@2025.20250727.75242%2Bds-5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2025.20250727.75242%252Bds-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0829" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94qj-jzse-vuhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276687?format=api", "vulnerability_id": "VCID-97ds-z5dk-6kbu", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b84b1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35450" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-97ds-z5dk-6kbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276692?format=api", "vulnerability_id": "VCID-9e9z-hm4a-37ab", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0d63.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35455", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35455" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35455" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9e9z-hm4a-37ab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276499?format=api", "vulnerability_id": "VCID-9mn1-e4dm-nfhd", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05aa.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35047", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54045", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55628", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5559", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55618", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35047" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35047.md", "reference_id": "CVE-2022-35047.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:54:10Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35047.md" }, { "reference_url": "https://drive.google.com/file/d/10asu-uKB2GIpnoGkAvvZPTqt4ylBU83s/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:54:10Z/" } ], "url": "https://drive.google.com/file/d/10asu-uKB2GIpnoGkAvvZPTqt4ylBU83s/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35047" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9mn1-e4dm-nfhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61626?format=api", "vulnerability_id": "VCID-9rxm-r4mc-ckhe", "summary": "Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27548", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.4891", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48947", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48973", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48927", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48981", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48978", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48995", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48969", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48976", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27548" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011333", "reference_id": "1011333", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011333" }, { "reference_url": "https://security.gentoo.org/glsa/202405-18", "reference_id": "GLSA-202405-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940742?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940726?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940730?format=api", "purl": "pkg:deb/debian/texlive-bin@2024.20240313.70630%2Bds-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2024.20240313.70630%252Bds-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940729?format=api", "purl": "pkg:deb/debian/texlive-bin@2025.20250727.75242%2Bds-5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2025.20250727.75242%252Bds-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-27548" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9rxm-r4mc-ckhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276475?format=api", "vulnerability_id": "VCID-a6an-r3tj-93ge", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39714", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39757", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39766", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.3973", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39747", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39769", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39688", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39742", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35022" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35022.md", "reference_id": "CVE-2022-35022.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:30:42Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35022.md" }, { "reference_url": "https://drive.google.com/file/d/15eb-k1eDCeVLgb1G9JUSFHmGHHkDc79z/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:30:42Z/" } ], "url": "https://drive.google.com/file/d/15eb-k1eDCeVLgb1G9JUSFHmGHHkDc79z/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35022" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a6an-r3tj-93ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276704?format=api", "vulnerability_id": "VCID-ast7-b75m-7uh3", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e420d.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35468" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35468" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ast7-b75m-7uh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276492?format=api", "vulnerability_id": "VCID-bdbb-4kgq-y7ad", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46922", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46939", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46886", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46941", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48507", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48481", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48484", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35040" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35040.md", "reference_id": "CVE-2022-35040.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T19:34:56Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35040.md" }, { "reference_url": "https://drive.google.com/file/d/1MPyMYxi3cqeAzJYl-TU6NuSxDC53aVyl/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T19:34:56Z/" } ], "url": "https://drive.google.com/file/d/1MPyMYxi3cqeAzJYl-TU6NuSxDC53aVyl/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35040" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bdbb-4kgq-y7ad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276504?format=api", "vulnerability_id": "VCID-bdke-da3n-37hw", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b84b1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54045", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55628", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5559", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55618", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35052" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35052.md", "reference_id": "CVE-2022-35052.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:47:57Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35052.md" }, { "reference_url": "https://drive.google.com/file/d/134NkAgE_Dcmx558FgvTHifl_avVlF-AH/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:47:57Z/" } ], "url": "https://drive.google.com/file/d/134NkAgE_Dcmx558FgvTHifl_avVlF-AH/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35052" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bdke-da3n-37hw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/275493?format=api", "vulnerability_id": "VCID-bw8n-jvsd-bqe9", "summary": "OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-33047", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64061", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64089", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64099", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64115", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64116", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64087", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-33047" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-33047" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bw8n-jvsd-bqe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276509?format=api", "vulnerability_id": "VCID-d4tp-mmgz-6udh", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05ce.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52024", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.5199", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52045", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53452", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35058" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35058.md", "reference_id": "CVE-2022-35058.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:53:52Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35058.md" }, { "reference_url": "https://drive.google.com/file/d/1nqWScJjiK05VUxhBxrtJbrc3WK2iA_WI/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:53:52Z/" } ], "url": "https://drive.google.com/file/d/1nqWScJjiK05VUxhBxrtJbrc3WK2iA_WI/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35058" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d4tp-mmgz-6udh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276503?format=api", "vulnerability_id": "VCID-dcjs-7eyq-a7gn", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b55af.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35051", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39831", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39886", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41103", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41123", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41089", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41072", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35051" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35051" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcjs-7eyq-a7gn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48283?format=api", "vulnerability_id": "VCID-dn3b-smm9-63eb", "summary": "Poppler does not handle fonts inside PDF files safely, allowing for\n execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.9181", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91818", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91824", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.9185", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91851", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=441722", "reference_id": "441722", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=441722" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842", "reference_id": "476842", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842" }, { "reference_url": "https://security.gentoo.org/glsa/200804-18", "reference_id": "GLSA-200804-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0238", "reference_id": "RHSA-2008:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0238" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0239", "reference_id": "RHSA-2008:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0240", "reference_id": "RHSA-2008:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0262", "reference_id": "RHSA-2008:0262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0262" }, { "reference_url": "https://usn.ubuntu.com/603-1/", "reference_id": "USN-603-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/603-1/" }, { "reference_url": "https://usn.ubuntu.com/603-2/", "reference_id": "USN-603-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/603-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940726?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940730?format=api", "purl": "pkg:deb/debian/texlive-bin@2024.20240313.70630%2Bds-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2024.20240313.70630%252Bds-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940729?format=api", "purl": "pkg:deb/debian/texlive-bin@2025.20250727.75242%2Bds-5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2025.20250727.75242%252Bds-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-1693" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dn3b-smm9-63eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276698?format=api", "vulnerability_id": "VCID-e8ev-axf6-dbc3", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0bc3.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35462" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35462" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8ev-axf6-dbc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276474?format=api", "vulnerability_id": "VCID-ecbh-vzp4-x7dr", "summary": "OTFCC commit 617837b was discovered to contain a global buffer overflow via /release-x64/otfccdump+0x718693.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55957", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55984", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55995", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55975", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55931", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55952", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55982", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35021" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35021.md", "reference_id": "CVE-2022-35021.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:31:17Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35021.md" }, { "reference_url": "https://drive.google.com/file/d/1Aer3pVGg3ZZrdlGOfMhdnSqAjOQj_3xK/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:31:17Z/" } ], "url": "https://drive.google.com/file/d/1Aer3pVGg3ZZrdlGOfMhdnSqAjOQj_3xK/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35021" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecbh-vzp4-x7dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276713?format=api", "vulnerability_id": "VCID-eeet-mw7y-rudx", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35477", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51866", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35477" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35477" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eeet-mw7y-rudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276709?format=api", "vulnerability_id": "VCID-euy5-4h8q-hyb3", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51866", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35473" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35473" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-euy5-4h8q-hyb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276519?format=api", "vulnerability_id": "VCID-fbkh-5sb9-auc5", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e420d.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35068" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35068.md", "reference_id": "CVE-2022-35068.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:33:55Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35068.md" }, { "reference_url": "https://drive.google.com/file/d/193D7sPydmZiciaRD3r1UK_V3VT17GJFA/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:33:55Z/" } ], "url": "https://drive.google.com/file/d/193D7sPydmZiciaRD3r1UK_V3VT17GJFA/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35068" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbkh-5sb9-auc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276716?format=api", "vulnerability_id": "VCID-fkft-abbt-6ydx", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37943", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37871", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37899", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37863", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37838", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35481" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35481" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fkft-abbt-6ydx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276702?format=api", "vulnerability_id": "VCID-fymb-bvn2-p7ej", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0473.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35466", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35466" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35466" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fymb-bvn2-p7ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276691?format=api", "vulnerability_id": "VCID-fz4x-mcwe-aqgf", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05aa.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35454", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35454" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35454" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fz4x-mcwe-aqgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276686?format=api", "vulnerability_id": "VCID-gh4u-68x5-27db", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0466.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35449" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35449" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gh4u-68x5-27db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276483?format=api", "vulnerability_id": "VCID-gsk7-273v-qfdz", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51819", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5187", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51781", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51806", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51822", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35030" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35030.md", "reference_id": "CVE-2022-35030.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:26:22Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35030.md" }, { "reference_url": "https://drive.google.com/file/d/15y2h3Z7LR3mgpoQ2QE2yM_my9i8A77AA/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:26:22Z/" } ], "url": "https://drive.google.com/file/d/15y2h3Z7LR3mgpoQ2QE2yM_my9i8A77AA/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35030" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gsk7-273v-qfdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276518?format=api", "vulnerability_id": "VCID-h73f-kd2u-5yg3", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53455", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35067" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35067.md", "reference_id": "CVE-2022-35067.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:35:28Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35067.md" }, { "reference_url": "https://drive.google.com/file/d/12PsreXrpGGy0Rx2URDd4XmlPPh5wVLmF/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:35:28Z/" } ], "url": "https://drive.google.com/file/d/12PsreXrpGGy0Rx2URDd4XmlPPh5wVLmF/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35067" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h73f-kd2u-5yg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276700?format=api", "vulnerability_id": "VCID-hd3g-vc2p-4fhf", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6171b2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35464" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35464" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hd3g-vc2p-4fhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276711?format=api", "vulnerability_id": "VCID-hqv6-gney-2fgw", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41a8.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35475" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35475" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hqv6-gney-2fgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276513?format=api", "vulnerability_id": "VCID-hx8f-h823-kkhr", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0bc3.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35062", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35062" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35062.md", "reference_id": "CVE-2022-35062.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:51:02Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35062.md" }, { "reference_url": "https://drive.google.com/file/d/10KZeJTraCRuFED4y6Dv0XyPA-QJydKSa/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:51:02Z/" } ], "url": "https://drive.google.com/file/d/10KZeJTraCRuFED4y6Dv0XyPA-QJydKSa/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35062" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hx8f-h823-kkhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276697?format=api", "vulnerability_id": "VCID-jahu-d9d6-jbbt", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0a32.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35461" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35461" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jahu-d9d6-jbbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276479?format=api", "vulnerability_id": "VCID-jxh3-k3es-bqah", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37886", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35026" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35026.md", "reference_id": "CVE-2022-35026.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:11:31Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35026.md" }, { "reference_url": "https://drive.google.com/file/d/13A5FLmr3NiQZMNUpd9ir3owrnbn5lZbO/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:11:31Z/" } ], "url": "https://drive.google.com/file/d/13A5FLmr3NiQZMNUpd9ir3owrnbn5lZbO/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35026" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jxh3-k3es-bqah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276520?format=api", "vulnerability_id": "VCID-k5ue-ga1d-q7gv", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b544e.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35069", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53455", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53468", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35069" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35069" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k5ue-ga1d-q7gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276477?format=api", "vulnerability_id": "VCID-knp7-hye9-a3gv", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37886", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35024" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35024.md", "reference_id": "CVE-2022-35024.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:05:53Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35024.md" }, { "reference_url": "https://drive.google.com/file/d/1s0VrWOJea_RRUJpZ0zgHV83NwGZlrIMt/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:05:53Z/" } ], "url": "https://drive.google.com/file/d/1s0VrWOJea_RRUJpZ0zgHV83NwGZlrIMt/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35024" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-knp7-hye9-a3gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276486?format=api", "vulnerability_id": "VCID-m7rd-mh53-bycu", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e7e3d.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35034" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35034.md", "reference_id": "CVE-2022-35034.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:08:13Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35034.md" }, { "reference_url": "https://drive.google.com/file/d/14qQpo_APymGhcKMU8B0epT20ImFC02LR/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:08:13Z/" } ], "url": "https://drive.google.com/file/d/14qQpo_APymGhcKMU8B0epT20ImFC02LR/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35034" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m7rd-mh53-bycu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276478?format=api", "vulnerability_id": "VCID-mm9w-wmdz-qye4", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37886", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35025" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35025.md", "reference_id": "CVE-2022-35025.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:12:44Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35025.md" }, { "reference_url": "https://drive.google.com/file/d/1aXat1h1gl1HqxVNdS1ryFVp8Y3nD4TGZ/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:12:44Z/" } ], "url": "https://drive.google.com/file/d/1aXat1h1gl1HqxVNdS1ryFVp8Y3nD4TGZ/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35025" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mm9w-wmdz-qye4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276715?format=api", "vulnerability_id": "VCID-msch-wzj9-h7ga", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51866", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35479" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35479" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-msch-wzj9-h7ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276703?format=api", "vulnerability_id": "VCID-n68j-881x-3uhp", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b8.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35467" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35467" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n68j-881x-3uhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276480?format=api", "vulnerability_id": "VCID-nckm-umvv-3qcn", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35027", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37886", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35027" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35027.md", "reference_id": "CVE-2022-35027.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:42Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35027.md" }, { "reference_url": "https://drive.google.com/file/d/1UEIyEM_nozYHYjSfc0HbbVnrR2oV9QJQ/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:42Z/" } ], "url": "https://drive.google.com/file/d/1UEIyEM_nozYHYjSfc0HbbVnrR2oV9QJQ/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35027" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nckm-umvv-3qcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276695?format=api", "vulnerability_id": "VCID-nk95-xdjm-vyfq", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e412a.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35459" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35459" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nk95-xdjm-vyfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276708?format=api", "vulnerability_id": "VCID-nucx-up6e-ayb8", "summary": "OTFCC v0.10.4 was discovered to contain a global overflow via /release-x64/otfccdump+0x718693.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51866", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35472" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35472" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nucx-up6e-ayb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276689?format=api", "vulnerability_id": "VCID-nvrx-x1qs-vkdb", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0b2c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35452" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35452" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nvrx-x1qs-vkdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276512?format=api", "vulnerability_id": "VCID-p973-cuza-tuhp", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e412a.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35061" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35061.md", "reference_id": "CVE-2022-35061.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:52:35Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35061.md" }, { "reference_url": "https://drive.google.com/file/d/1q7LJap9D_gyo-L64b3Nhfc4zEC-_mcH3/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:52:35Z/" } ], "url": "https://drive.google.com/file/d/1q7LJap9D_gyo-L64b3Nhfc4zEC-_mcH3/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35061" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p973-cuza-tuhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276494?format=api", "vulnerability_id": "VCID-q4qv-tq4j-3uh2", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adb11.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46922", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46939", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46886", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46941", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48507", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48481", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48484", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35042" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35042.md", "reference_id": "CVE-2022-35042.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:04:02Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35042.md" }, { "reference_url": "https://drive.google.com/file/d/1Gj8rA1kD89lxUZVb_t-s3-18-ospJRJC/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:04:02Z/" } ], "url": "https://drive.google.com/file/d/1Gj8rA1kD89lxUZVb_t-s3-18-ospJRJC/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35042" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4qv-tq4j-3uh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276489?format=api", "vulnerability_id": "VCID-qdek-hd55-hbe2", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6adb1e.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35037" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35037.md", "reference_id": "CVE-2022-35037.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:09:03Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35037.md" }, { "reference_url": "https://drive.google.com/file/d/12SuaaZOa_I7ndwttQqaLWkBTWcIfTgu9/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:09:03Z/" } ], "url": "https://drive.google.com/file/d/12SuaaZOa_I7ndwttQqaLWkBTWcIfTgu9/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35037" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdek-hd55-hbe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276719?format=api", "vulnerability_id": "VCID-qjxs-qf6j-zycc", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56052", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56073", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56107", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56118", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56095", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56078", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35484" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35484" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjxs-qf6j-zycc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3716?format=api", "vulnerability_id": "VCID-qtav-hqnd-b7fa", "summary": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86182", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86111", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86121", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86137", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86156", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03311", "scoring_system": "epss", "scoring_elements": "0.87253", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03311", "scoring_system": "epss", "scoring_elements": "0.87257", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174", "reference_id": "533174", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901", "reference_id": "560901", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919", "reference_id": "560919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920", "reference_id": "560920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921", "reference_id": "560921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922", "reference_id": "560922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926", "reference_id": "560926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927", "reference_id": "560927", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928", "reference_id": "560928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929", "reference_id": "560929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930", "reference_id": "560930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935", "reference_id": "560935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936", "reference_id": "560936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937", "reference_id": "560937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940", "reference_id": "560940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942", "reference_id": "560942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053", "reference_id": "601053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3560.json", "reference_id": "CVE-2009-3560", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3560.json" }, { "reference_url": "https://security.gentoo.org/glsa/201209-06", "reference_id": "GLSA-201209-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1625", "reference_id": "RHSA-2009:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" }, { "reference_url": "https://usn.ubuntu.com/890-2/", "reference_id": "USN-890-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-2/" }, { "reference_url": "https://usn.ubuntu.com/890-3/", "reference_id": "USN-890-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-3/" }, { "reference_url": "https://usn.ubuntu.com/890-4/", "reference_id": "USN-890-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-4/" }, { "reference_url": "https://usn.ubuntu.com/890-5/", "reference_id": "USN-890-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-5/" }, { "reference_url": "https://usn.ubuntu.com/890-6/", "reference_id": "USN-890-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-6/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940726?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940730?format=api", "purl": "pkg:deb/debian/texlive-bin@2024.20240313.70630%2Bds-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2024.20240313.70630%252Bds-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940729?format=api", "purl": "pkg:deb/debian/texlive-bin@2025.20250727.75242%2Bds-5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2025.20250727.75242%252Bds-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3560" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtav-hqnd-b7fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85955?format=api", "vulnerability_id": "VCID-r5ua-zasf-2kae", "summary": "texlive: insecure use of /tmp in mktexlsr", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5701.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5701.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39384", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39546", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39569", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39484", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39539", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39554", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39565", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39526", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.3951", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181167", "reference_id": "1181167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181167" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940726?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940730?format=api", "purl": "pkg:deb/debian/texlive-bin@2024.20240313.70630%2Bds-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2024.20240313.70630%252Bds-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940729?format=api", "purl": "pkg:deb/debian/texlive-bin@2025.20250727.75242%2Bds-5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2025.20250727.75242%252Bds-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-5701" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r5ua-zasf-2kae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276493?format=api", "vulnerability_id": "VCID-rrqw-zrh2-33dn", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b558f.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46922", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46939", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46886", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46941", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48507", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48481", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48484", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35041" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35041.md", "reference_id": "CVE-2022-35041.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:05:30Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35041.md" }, { "reference_url": "https://drive.google.com/file/d/1pzPVwMvEu-qvuyw6Mbu42zuKoaq6cp-6/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:05:30Z/" } ], "url": "https://drive.google.com/file/d/1pzPVwMvEu-qvuyw6Mbu42zuKoaq6cp-6/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35041" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrqw-zrh2-33dn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276502?format=api", "vulnerability_id": "VCID-rype-ss6b-aude", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b04de.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39831", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39886", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41123", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41089", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41103", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35050" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35050.md", "reference_id": "CVE-2022-35050.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:48:41Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35050.md" }, { "reference_url": "https://drive.google.com/file/d/1WdB1yvIoEvOB4iWh5TLiMJIzxUQNln56/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:48:41Z/" } ], "url": "https://drive.google.com/file/d/1WdB1yvIoEvOB4iWh5TLiMJIzxUQNln56/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35050" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rype-ss6b-aude" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276506?format=api", "vulnerability_id": "VCID-su1a-e49q-pffw", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6171b2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35054", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.38013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.38038", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37968", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35054" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35054.md", "reference_id": "CVE-2022-35054.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:58:48Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35054.md" }, { "reference_url": "https://drive.google.com/file/d/1FoSPYJUO3hvUQywukndavdmu-45A-v2l/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:58:48Z/" } ], "url": "https://drive.google.com/file/d/1FoSPYJUO3hvUQywukndavdmu-45A-v2l/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35054" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-su1a-e49q-pffw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276482?format=api", "vulnerability_id": "VCID-t8bs-vvts-47ag", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37886", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35029" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35029.md", "reference_id": "CVE-2022-35029.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:27:17Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35029.md" }, { "reference_url": "https://drive.google.com/file/d/1x0eGL9tYqc7BEapsTqD78FTu9H8GKZ6l/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:27:17Z/" } ], "url": "https://drive.google.com/file/d/1x0eGL9tYqc7BEapsTqD78FTu9H8GKZ6l/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35029" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8bs-vvts-47ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276497?format=api", "vulnerability_id": "VCID-tqm6-8w98-q3dr", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0d63.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35045", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.38013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.38038", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37968", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35045" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35045.md", "reference_id": "CVE-2022-35045.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:56:46Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35045.md" }, { "reference_url": "https://drive.google.com/file/d/1eIYb4VDyDnXLCjXKSoFQjkmoXyaCmr-m/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:56:46Z/" } ], "url": "https://drive.google.com/file/d/1eIYb4VDyDnXLCjXKSoFQjkmoXyaCmr-m/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35045" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tqm6-8w98-q3dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276485?format=api", "vulnerability_id": "VCID-tz15-rmx4-pkdq", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37886", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37858", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35032" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35032.md", "reference_id": "CVE-2022-35032.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:13:45Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35032.md" }, { "reference_url": "https://drive.google.com/file/d/1dldtU6kKgZbFdgQi4Md0p3t8RPOtKTG-/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:13:45Z/" } ], "url": "https://drive.google.com/file/d/1dldtU6kKgZbFdgQi4Md0p3t8RPOtKTG-/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35032" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tz15-rmx4-pkdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276507?format=api", "vulnerability_id": "VCID-u9ur-b18b-gfhr", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0473.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35055", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.38013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.38038", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37968", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35055" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35055.md", "reference_id": "CVE-2022-35055.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:57:29Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35055.md" }, { "reference_url": "https://drive.google.com/file/d/1PZ0D3DslISfUxI6CJ--giXQHYKE0JZ7K/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:57:29Z/" } ], "url": "https://drive.google.com/file/d/1PZ0D3DslISfUxI6CJ--giXQHYKE0JZ7K/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35055" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9ur-b18b-gfhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276511?format=api", "vulnerability_id": "VCID-utve-4z7c-tkhk", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0a32.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35060" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35060.md", "reference_id": "CVE-2022-35060.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T15:20:16Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35060.md" }, { "reference_url": "https://drive.google.com/file/d/1VYQgASJR85XpuaakJJxRh_HmAoa61Nce/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T15:20:16Z/" } ], "url": "https://drive.google.com/file/d/1VYQgASJR85XpuaakJJxRh_HmAoa61Nce/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35060" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-utve-4z7c-tkhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276699?format=api", "vulnerability_id": "VCID-v7pb-brn7-v7ah", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0478.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53506", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35463" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35463" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v7pb-brn7-v7ah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276501?format=api", "vulnerability_id": "VCID-v9pk-ecc9-yqbm", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b03b5.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54045", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55628", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5559", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55618", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35049" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35049.md", "reference_id": "CVE-2022-35049.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:49:56Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35049.md" }, { "reference_url": "https://drive.google.com/file/d/1h9mF80-Q13S3ZDZGLEM7hBIzCPwNDWhm/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:49:56Z/" } ], "url": "https://drive.google.com/file/d/1h9mF80-Q13S3ZDZGLEM7hBIzCPwNDWhm/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35049" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v9pk-ecc9-yqbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276690?format=api", "vulnerability_id": "VCID-vfty-pe45-pya4", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c08a6.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35453", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35453" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35453" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfty-pe45-pya4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276484?format=api", "vulnerability_id": "VCID-vk2y-ftzh-sqgh", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51819", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5187", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51781", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51806", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51822", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35031" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35031.md", "reference_id": "CVE-2022-35031.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:25:21Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35031.md" }, { "reference_url": "https://drive.google.com/file/d/1ekHL103KNESRt8yFKhRfnhyzqlYRRUfs/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:25:21Z/" } ], "url": "https://drive.google.com/file/d/1ekHL103KNESRt8yFKhRfnhyzqlYRRUfs/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35031" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vk2y-ftzh-sqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276500?format=api", "vulnerability_id": "VCID-whjt-pvqp-jycr", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0b2c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35048", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54045", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55628", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5559", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55618", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35048" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35048.md", "reference_id": "CVE-2022-35048.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:52:18Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35048.md" }, { "reference_url": "https://drive.google.com/file/d/18cCD_Z6TDbx9IDQQKq3ZTALMGWSl_qWH/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:52:18Z/" } ], "url": "https://drive.google.com/file/d/18cCD_Z6TDbx9IDQQKq3ZTALMGWSl_qWH/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35048" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-whjt-pvqp-jycr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276721?format=api", "vulnerability_id": "VCID-whmq-gsw4-sbgg", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35486", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51866", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35486" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35486" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-whmq-gsw4-sbgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276498?format=api", "vulnerability_id": "VCID-wngf-qn2d-ykef", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0466.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35046", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39969", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39996", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39918", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39971", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41177", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41144", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41127", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41157", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35046" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35046.md", "reference_id": "CVE-2022-35046.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:54:50Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35046.md" }, { "reference_url": "https://drive.google.com/file/d/1M8imA5zUlsMA6lgUbvLQ6rbEn6CO6QKq/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:54:50Z/" } ], "url": "https://drive.google.com/file/d/1M8imA5zUlsMA6lgUbvLQ6rbEn6CO6QKq/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35046" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wngf-qn2d-ykef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276521?format=api", "vulnerability_id": "VCID-ws93-jgn7-83c8", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x65fc97.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35070", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39285", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39259", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35070" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35070" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ws93-jgn7-83c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276481?format=api", "vulnerability_id": "VCID-xfy6-snb8-63av", "summary": "OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51819", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5187", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51781", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51806", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51822", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35028" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35028.md", "reference_id": "CVE-2022-35028.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:09:47Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35028.md" }, { "reference_url": "https://drive.google.com/file/d/15hma-XPdkV0NfZZweuyYuxa8rMAfKbRG/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:09:47Z/" } ], "url": "https://drive.google.com/file/d/15hma-XPdkV0NfZZweuyYuxa8rMAfKbRG/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35028" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xfy6-snb8-63av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276688?format=api", "vulnerability_id": "VCID-xrgb-9dwh-mubm", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b03b5.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35451", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35451" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35451" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xrgb-9dwh-mubm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276714?format=api", "vulnerability_id": "VCID-xxn1-2trx-myhs", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.5185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51866", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35478" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35478" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xxn1-2trx-myhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276718?format=api", "vulnerability_id": "VCID-xzdx-45tg-w7ft", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35483", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37943", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37871", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37899", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37863", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37838", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35483" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35483" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzdx-45tg-w7ft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276712?format=api", "vulnerability_id": "VCID-y2pg-cgqs-s3gb", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37943", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37871", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37899", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37863", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37838", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35476" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35476" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y2pg-cgqs-s3gb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276717?format=api", "vulnerability_id": "VCID-y4qh-ek9n-cyc1", "summary": "OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35482", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37943", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37871", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37899", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37863", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37838", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35482" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35482" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y4qh-ek9n-cyc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276510?format=api", "vulnerability_id": "VCID-ys96-uhkv-2qgv", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0414.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52024", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.5199", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52045", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53452", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35059" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35059.md", "reference_id": "CVE-2022-35059.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:53:00Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35059.md" }, { "reference_url": "https://drive.google.com/file/d/1W9KM7OGlkMu1_7Y1mT_-eEbQJlRDfAJO/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:53:00Z/" } ], "url": "https://drive.google.com/file/d/1W9KM7OGlkMu1_7Y1mT_-eEbQJlRDfAJO/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35059" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ys96-uhkv-2qgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276694?format=api", "vulnerability_id": "VCID-zbsq-dfju-mkf5", "summary": "OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05ce.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39286", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39258", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35458" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602", "reference_id": "1019602", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35458" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zbsq-dfju-mkf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/276508?format=api", "vulnerability_id": "VCID-zqjn-srqb-kfcg", "summary": "OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0478.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35056", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52024", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.5199", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52045", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53501", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53452", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35056" }, { "reference_url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35056.md", "reference_id": "CVE-2022-35056.md", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:54:45Z/" } ], "url": "https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35056.md" }, { "reference_url": "https://drive.google.com/file/d/1OgmLjZ9VnEbzFh8tqyhPlVGJtdrhgfWz/view?usp=sharing", "reference_id": "view?usp=sharing", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:54:45Z/" } ], "url": "https://drive.google.com/file/d/1OgmLjZ9VnEbzFh8tqyhPlVGJtdrhgfWz/view?usp=sharing" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/940733?format=api", "purl": "pkg:deb/debian/texlive-bin@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/940728?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35056" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqjn-srqb-kfcg" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@0%3Fdistro=trixie" }