{"url":"http://public2.vulnerablecode.io/api/packages/994445?format=json","purl":"pkg:deb/debian/texlive-bin@2025.20250727.75242%2Bds-5","type":"deb","namespace":"debian","name":"texlive-bin","version":"2025.20250727.75242+ds-5","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2026.20260303.78225+ds-1","latest_non_vulnerable_version":"2026.20260303.78225+ds-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276516?format=json","vulnerability_id":"VCID-15kj-emtf-vbag","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35065","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35065"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35065.md","reference_id":"CVE-2022-35065.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:42:17Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35065.md"},{"reference_url":"https://drive.google.com/file/d/1emVd7wtL-kIhpSrl0ynkuci2KsSnaoO9/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:42:17Z/"}],"url":"https://drive.google.com/file/d/1emVd7wtL-kIhpSrl0ynkuci2KsSnaoO9/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35065"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-15kj-emtf-vbag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276515?format=json","vulnerability_id":"VCID-22hs-pt9p-fbdn","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adcdb in __asan_memset.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35064","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35064"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35064.md","reference_id":"CVE-2022-35064.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:48:05Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35064.md"},{"reference_url":"https://drive.google.com/file/d/1btOL19V9nmB4BCUBSQ2fViABe3tMZ8mp/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:48:05Z/"}],"url":"https://drive.google.com/file/d/1btOL19V9nmB4BCUBSQ2fViABe3tMZ8mp/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35064"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22hs-pt9p-fbdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276514?format=json","vulnerability_id":"VCID-24vd-syhs-gbhc","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41a8.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35063","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35063"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35063.md","reference_id":"CVE-2022-35063.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:49:46Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35063.md"},{"reference_url":"https://drive.google.com/file/d/1VW_6SXTGWABHMqW6m-hpfpbedaJFFG5b/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:49:46Z/"}],"url":"https://drive.google.com/file/d/1VW_6SXTGWABHMqW6m-hpfpbedaJFFG5b/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35063"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24vd-syhs-gbhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276495?format=json","vulnerability_id":"VCID-261q-t1h8-bufj","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c08a6.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35043","reference_id":"","reference_type":"","scores":[{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59061","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59083","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59048","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59098","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60357","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.6035","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35043"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35043.md","reference_id":"CVE-2022-35043.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:00:56Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35043.md"},{"reference_url":"https://drive.google.com/file/d/14CXldgbsymRm_4PkWmuVSIvliOiG2rOa/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:00:56Z/"}],"url":"https://drive.google.com/file/d/14CXldgbsymRm_4PkWmuVSIvliOiG2rOa/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35043"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-261q-t1h8-bufj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276705?format=json","vulnerability_id":"VCID-2pzz-h5vd-wyah","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /x86_64-linux-gnu/libc.so.6+0xbb384.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35469","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51881","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51866","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35469"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35469"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2pzz-h5vd-wyah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276505?format=json","vulnerability_id":"VCID-2unr-76q5-y7aw","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x61731f.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35053","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54022","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55628","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55607","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5559","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55618","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35053"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35053.md","reference_id":"CVE-2022-35053.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:00:11Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35053.md"},{"reference_url":"https://drive.google.com/file/d/1frfdVcR0UJVO-vKDLb19yWQgeTqdeohJ/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:00:11Z/"}],"url":"https://drive.google.com/file/d/1frfdVcR0UJVO-vKDLb19yWQgeTqdeohJ/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35053"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2unr-76q5-y7aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276710?format=json","vulnerability_id":"VCID-3a9d-3kme-73d2","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b544e.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35474","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35474"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35474"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3a9d-3kme-73d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276488?format=json","vulnerability_id":"VCID-3v18-r2f3-1qdv","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e1fc8.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35036","reference_id":"","reference_type":"","scores":[{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53434","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53455","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35036"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35036.md","reference_id":"CVE-2022-35036.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:06:52Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35036.md"},{"reference_url":"https://drive.google.com/file/d/1tcZhjgZse-a8W6vOiBmdQhxtAVr2xyK0/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:06:52Z/"}],"url":"https://drive.google.com/file/d/1tcZhjgZse-a8W6vOiBmdQhxtAVr2xyK0/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35036"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3v18-r2f3-1qdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276490?format=json","vulnerability_id":"VCID-4cy9-447q-mbf3","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b064d.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35038","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48484","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48481","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48459","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48482","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48434","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48489","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35038"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35038.md","reference_id":"CVE-2022-35038.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:08:21Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35038.md"},{"reference_url":"https://drive.google.com/file/d/1jhHvfkoD7fuMWbrhYxbOnJaSeW-Y2lKI/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:08:21Z/"}],"url":"https://drive.google.com/file/d/1jhHvfkoD7fuMWbrhYxbOnJaSeW-Y2lKI/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35038"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cy9-447q-mbf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276491?format=json","vulnerability_id":"VCID-4f2u-sskp-zkhu","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e20a0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35039","reference_id":"","reference_type":"","scores":[{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.6035","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60357","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60291","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60316","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60284","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60334","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35039"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35039.md","reference_id":"CVE-2022-35039.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:07:36Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35039.md"},{"reference_url":"https://drive.google.com/file/d/1EEF3Qb6qqaQrSdkxuaTLJB92bCfSi3od/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:07:36Z/"}],"url":"https://drive.google.com/file/d/1EEF3Qb6qqaQrSdkxuaTLJB92bCfSi3od/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35039"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4f2u-sskp-zkhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276720?format=json","vulnerability_id":"VCID-4ses-k1k7-9ycz","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35485","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35485"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35485"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ses-k1k7-9ycz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276693?format=json","vulnerability_id":"VCID-4z3j-9yy6-u3eb","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x617087.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35456","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35456"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35456"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4z3j-9yy6-u3eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276706?format=json","vulnerability_id":"VCID-5p9e-n6p5-mudd","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x65fc97.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35470","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35470"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35470"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5p9e-n6p5-mudd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276707?format=json","vulnerability_id":"VCID-6fwt-gfj6-j7av","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35471","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35471"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35471"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6fwt-gfj6-j7av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276684?format=json","vulnerability_id":"VCID-72m2-st3u-uyfm","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b04de.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35447","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35447"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35447"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-72m2-st3u-uyfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276685?format=json","vulnerability_id":"VCID-76vf-yebs-mkg8","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b55af.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35448","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35448"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35448"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76vf-yebs-mkg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276517?format=json","vulnerability_id":"VCID-7x9j-31fq-hkg2","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b8.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35066","reference_id":"","reference_type":"","scores":[{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53434","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53455","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35066"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35066.md","reference_id":"CVE-2022-35066.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:36:19Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35066.md"},{"reference_url":"https://drive.google.com/file/d/1zUk2e65kK-htzApaQZguAQgT6nqq4S7J/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:36:19Z/"}],"url":"https://drive.google.com/file/d/1zUk2e65kK-htzApaQZguAQgT6nqq4S7J/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35066"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7x9j-31fq-hkg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276696?format=json","vulnerability_id":"VCID-86bc-apbh-sbbn","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x61731f.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35460","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35460"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35460"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-86bc-apbh-sbbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276701?format=json","vulnerability_id":"VCID-88vn-jepe-33c1","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0414.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35465","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35465"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35465"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-88vn-jepe-33c1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276476?format=json","vulnerability_id":"VCID-8qwb-455y-bbcp","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x86_64-linux-gnu/libc.so.6+0xbb384.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35023","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51835","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51819","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5187","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51806","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51767","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51822","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35023"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35023.md","reference_id":"CVE-2022-35023.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:06:40Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35023.md"},{"reference_url":"https://drive.google.com/file/d/17O7YeqDeVdrBJ1doBw46AvPIwQyYu0wM/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:06:40Z/"}],"url":"https://drive.google.com/file/d/17O7YeqDeVdrBJ1doBw46AvPIwQyYu0wM/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35023"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qwb-455y-bbcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276487?format=json","vulnerability_id":"VCID-8xnh-5jb4-uygz","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b559f.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35035","reference_id":"","reference_type":"","scores":[{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53434","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53455","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35035"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35035.md","reference_id":"CVE-2022-35035.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:07:34Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35035.md"},{"reference_url":"https://drive.google.com/file/d/1sRs48QDA0PSTYLUdkGyh_tvqs61yXNi7/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:07:34Z/"}],"url":"https://drive.google.com/file/d/1sRs48QDA0PSTYLUdkGyh_tvqs61yXNi7/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35035"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xnh-5jb4-uygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276496?format=json","vulnerability_id":"VCID-911d-pbx5-4qge","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x617087.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35044","reference_id":"","reference_type":"","scores":[{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59061","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59083","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59048","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59098","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60371","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60357","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.6035","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35044"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35044.md","reference_id":"CVE-2022-35044.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:00:36Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35044.md"},{"reference_url":"https://drive.google.com/file/d/1A9LlI9ioeAnoZjA_9c7WQbckV8gCiVIn/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:00:36Z/"}],"url":"https://drive.google.com/file/d/1A9LlI9ioeAnoZjA_9c7WQbckV8gCiVIn/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35044"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-911d-pbx5-4qge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276687?format=json","vulnerability_id":"VCID-97ds-z5dk-6kbu","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b84b1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35450","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35450"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35450"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-97ds-z5dk-6kbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276692?format=json","vulnerability_id":"VCID-9e9z-hm4a-37ab","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0d63.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35455","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35455"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35455"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9e9z-hm4a-37ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276499?format=json","vulnerability_id":"VCID-9mn1-e4dm-nfhd","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05aa.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35047","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54022","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55628","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55607","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5559","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55618","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35047"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35047.md","reference_id":"CVE-2022-35047.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:54:10Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35047.md"},{"reference_url":"https://drive.google.com/file/d/10asu-uKB2GIpnoGkAvvZPTqt4ylBU83s/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:54:10Z/"}],"url":"https://drive.google.com/file/d/10asu-uKB2GIpnoGkAvvZPTqt4ylBU83s/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35047"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mn1-e4dm-nfhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276475?format=json","vulnerability_id":"VCID-a6an-r3tj-93ge","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35022","reference_id":"","reference_type":"","scores":[{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39714","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39757","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39766","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.3973","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39747","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39769","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39688","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39742","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35022"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35022.md","reference_id":"CVE-2022-35022.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:30:42Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35022.md"},{"reference_url":"https://drive.google.com/file/d/15eb-k1eDCeVLgb1G9JUSFHmGHHkDc79z/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:30:42Z/"}],"url":"https://drive.google.com/file/d/15eb-k1eDCeVLgb1G9JUSFHmGHHkDc79z/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35022"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a6an-r3tj-93ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276704?format=json","vulnerability_id":"VCID-ast7-b75m-7uh3","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e420d.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35468","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35468"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35468"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ast7-b75m-7uh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276492?format=json","vulnerability_id":"VCID-bdbb-4kgq-y7ad","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35040","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46922","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46939","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46886","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46941","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48481","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48484","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35040"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35040.md","reference_id":"CVE-2022-35040.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T19:34:56Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35040.md"},{"reference_url":"https://drive.google.com/file/d/1MPyMYxi3cqeAzJYl-TU6NuSxDC53aVyl/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T19:34:56Z/"}],"url":"https://drive.google.com/file/d/1MPyMYxi3cqeAzJYl-TU6NuSxDC53aVyl/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35040"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bdbb-4kgq-y7ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276504?format=json","vulnerability_id":"VCID-bdke-da3n-37hw","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b84b1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35052","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54022","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55628","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55607","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5559","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55618","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35052"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35052.md","reference_id":"CVE-2022-35052.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:47:57Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35052.md"},{"reference_url":"https://drive.google.com/file/d/134NkAgE_Dcmx558FgvTHifl_avVlF-AH/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:47:57Z/"}],"url":"https://drive.google.com/file/d/134NkAgE_Dcmx558FgvTHifl_avVlF-AH/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35052"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bdke-da3n-37hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/275493?format=json","vulnerability_id":"VCID-bw8n-jvsd-bqe9","summary":"OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33047","reference_id":"","reference_type":"","scores":[{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64061","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64089","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64048","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64099","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64115","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64127","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64116","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64087","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33047"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-33047"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bw8n-jvsd-bqe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276509?format=json","vulnerability_id":"VCID-d4tp-mmgz-6udh","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05ce.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35058","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.51998","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52024","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.5199","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52045","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53452","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35058"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35058.md","reference_id":"CVE-2022-35058.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:53:52Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35058.md"},{"reference_url":"https://drive.google.com/file/d/1nqWScJjiK05VUxhBxrtJbrc3WK2iA_WI/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:53:52Z/"}],"url":"https://drive.google.com/file/d/1nqWScJjiK05VUxhBxrtJbrc3WK2iA_WI/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35058"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4tp-mmgz-6udh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276503?format=json","vulnerability_id":"VCID-dcjs-7eyq-a7gn","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b55af.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35051","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39908","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39831","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39886","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41103","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41123","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41089","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41072","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35051"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35051"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dcjs-7eyq-a7gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276698?format=json","vulnerability_id":"VCID-e8ev-axf6-dbc3","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0bc3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35462","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35462"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35462"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8ev-axf6-dbc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276474?format=json","vulnerability_id":"VCID-ecbh-vzp4-x7dr","summary":"OTFCC commit 617837b was discovered to contain a global buffer overflow via /release-x64/otfccdump+0x718693.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35021","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55957","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55984","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55975","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55931","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55952","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55982","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35021"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35021.md","reference_id":"CVE-2022-35021.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:31:17Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35021.md"},{"reference_url":"https://drive.google.com/file/d/1Aer3pVGg3ZZrdlGOfMhdnSqAjOQj_3xK/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:31:17Z/"}],"url":"https://drive.google.com/file/d/1Aer3pVGg3ZZrdlGOfMhdnSqAjOQj_3xK/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35021"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ecbh-vzp4-x7dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276713?format=json","vulnerability_id":"VCID-eeet-mw7y-rudx","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35477","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51881","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51866","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35477"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35477"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eeet-mw7y-rudx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276709?format=json","vulnerability_id":"VCID-euy5-4h8q-hyb3","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35473","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51881","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51866","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35473"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35473"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-euy5-4h8q-hyb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276519?format=json","vulnerability_id":"VCID-fbkh-5sb9-auc5","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e420d.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35068","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35068"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35068.md","reference_id":"CVE-2022-35068.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:33:55Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35068.md"},{"reference_url":"https://drive.google.com/file/d/193D7sPydmZiciaRD3r1UK_V3VT17GJFA/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:33:55Z/"}],"url":"https://drive.google.com/file/d/193D7sPydmZiciaRD3r1UK_V3VT17GJFA/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35068"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fbkh-5sb9-auc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276716?format=json","vulnerability_id":"VCID-fkft-abbt-6ydx","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35481","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37918","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37943","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37871","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37899","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37863","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37838","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35481"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35481"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fkft-abbt-6ydx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276702?format=json","vulnerability_id":"VCID-fymb-bvn2-p7ej","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0473.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35466","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35466"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35466"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fymb-bvn2-p7ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276691?format=json","vulnerability_id":"VCID-fz4x-mcwe-aqgf","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05aa.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35454","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35454"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35454"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz4x-mcwe-aqgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276686?format=json","vulnerability_id":"VCID-gh4u-68x5-27db","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0466.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35449","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35449"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35449"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gh4u-68x5-27db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276483?format=json","vulnerability_id":"VCID-gsk7-273v-qfdz","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35030","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51835","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51819","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5187","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51806","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51767","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51822","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35030"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35030.md","reference_id":"CVE-2022-35030.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:26:22Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35030.md"},{"reference_url":"https://drive.google.com/file/d/15y2h3Z7LR3mgpoQ2QE2yM_my9i8A77AA/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:26:22Z/"}],"url":"https://drive.google.com/file/d/15y2h3Z7LR3mgpoQ2QE2yM_my9i8A77AA/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35030"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gsk7-273v-qfdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276518?format=json","vulnerability_id":"VCID-h73f-kd2u-5yg3","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35067","reference_id":"","reference_type":"","scores":[{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53434","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53455","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35067"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35067.md","reference_id":"CVE-2022-35067.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:35:28Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35067.md"},{"reference_url":"https://drive.google.com/file/d/12PsreXrpGGy0Rx2URDd4XmlPPh5wVLmF/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:35:28Z/"}],"url":"https://drive.google.com/file/d/12PsreXrpGGy0Rx2URDd4XmlPPh5wVLmF/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35067"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h73f-kd2u-5yg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276700?format=json","vulnerability_id":"VCID-hd3g-vc2p-4fhf","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6171b2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35464","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35464"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35464"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hd3g-vc2p-4fhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276711?format=json","vulnerability_id":"VCID-hqv6-gney-2fgw","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41a8.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35475","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35475"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35475"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hqv6-gney-2fgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276513?format=json","vulnerability_id":"VCID-hx8f-h823-kkhr","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0bc3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35062","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35062"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35062.md","reference_id":"CVE-2022-35062.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:51:02Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35062.md"},{"reference_url":"https://drive.google.com/file/d/10KZeJTraCRuFED4y6Dv0XyPA-QJydKSa/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:51:02Z/"}],"url":"https://drive.google.com/file/d/10KZeJTraCRuFED4y6Dv0XyPA-QJydKSa/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35062"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hx8f-h823-kkhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276697?format=json","vulnerability_id":"VCID-jahu-d9d6-jbbt","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0a32.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35461","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35461"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35461"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jahu-d9d6-jbbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276479?format=json","vulnerability_id":"VCID-jxh3-k3es-bqah","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35026","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35026"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35026.md","reference_id":"CVE-2022-35026.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:11:31Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35026.md"},{"reference_url":"https://drive.google.com/file/d/13A5FLmr3NiQZMNUpd9ir3owrnbn5lZbO/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:11:31Z/"}],"url":"https://drive.google.com/file/d/13A5FLmr3NiQZMNUpd9ir3owrnbn5lZbO/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35026"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxh3-k3es-bqah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276520?format=json","vulnerability_id":"VCID-k5ue-ga1d-q7gv","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b544e.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35069","reference_id":"","reference_type":"","scores":[{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53434","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35069"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35069"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k5ue-ga1d-q7gv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276477?format=json","vulnerability_id":"VCID-knp7-hye9-a3gv","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35024","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35024"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35024.md","reference_id":"CVE-2022-35024.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:05:53Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35024.md"},{"reference_url":"https://drive.google.com/file/d/1s0VrWOJea_RRUJpZ0zgHV83NwGZlrIMt/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:05:53Z/"}],"url":"https://drive.google.com/file/d/1s0VrWOJea_RRUJpZ0zgHV83NwGZlrIMt/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35024"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-knp7-hye9-a3gv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276486?format=json","vulnerability_id":"VCID-m7rd-mh53-bycu","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e7e3d.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35034","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35034"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35034.md","reference_id":"CVE-2022-35034.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:08:13Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35034.md"},{"reference_url":"https://drive.google.com/file/d/14qQpo_APymGhcKMU8B0epT20ImFC02LR/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:08:13Z/"}],"url":"https://drive.google.com/file/d/14qQpo_APymGhcKMU8B0epT20ImFC02LR/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35034"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m7rd-mh53-bycu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276478?format=json","vulnerability_id":"VCID-mm9w-wmdz-qye4","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35025","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35025"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35025.md","reference_id":"CVE-2022-35025.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:12:44Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35025.md"},{"reference_url":"https://drive.google.com/file/d/1aXat1h1gl1HqxVNdS1ryFVp8Y3nD4TGZ/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:12:44Z/"}],"url":"https://drive.google.com/file/d/1aXat1h1gl1HqxVNdS1ryFVp8Y3nD4TGZ/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35025"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mm9w-wmdz-qye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276715?format=json","vulnerability_id":"VCID-msch-wzj9-h7ga","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35479","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51881","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51866","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35479"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35479"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-msch-wzj9-h7ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276703?format=json","vulnerability_id":"VCID-n68j-881x-3uhp","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b8.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35467","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35467"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35467"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n68j-881x-3uhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276480?format=json","vulnerability_id":"VCID-nckm-umvv-3qcn","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35027","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35027"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35027.md","reference_id":"CVE-2022-35027.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:42Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35027.md"},{"reference_url":"https://drive.google.com/file/d/1UEIyEM_nozYHYjSfc0HbbVnrR2oV9QJQ/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:42Z/"}],"url":"https://drive.google.com/file/d/1UEIyEM_nozYHYjSfc0HbbVnrR2oV9QJQ/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35027"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nckm-umvv-3qcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276695?format=json","vulnerability_id":"VCID-nk95-xdjm-vyfq","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e412a.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35459","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35459"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35459"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nk95-xdjm-vyfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276708?format=json","vulnerability_id":"VCID-nucx-up6e-ayb8","summary":"OTFCC v0.10.4 was discovered to contain a global overflow via /release-x64/otfccdump+0x718693.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35472","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51881","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51866","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35472"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35472"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nucx-up6e-ayb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276689?format=json","vulnerability_id":"VCID-nvrx-x1qs-vkdb","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0b2c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35452","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35452"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35452"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nvrx-x1qs-vkdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276512?format=json","vulnerability_id":"VCID-p973-cuza-tuhp","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e412a.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35061","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35061"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35061.md","reference_id":"CVE-2022-35061.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:52:35Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35061.md"},{"reference_url":"https://drive.google.com/file/d/1q7LJap9D_gyo-L64b3Nhfc4zEC-_mcH3/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T14:52:35Z/"}],"url":"https://drive.google.com/file/d/1q7LJap9D_gyo-L64b3Nhfc4zEC-_mcH3/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35061"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p973-cuza-tuhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276494?format=json","vulnerability_id":"VCID-q4qv-tq4j-3uh2","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adb11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35042","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46922","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46939","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46886","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46941","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48481","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48484","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35042"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35042.md","reference_id":"CVE-2022-35042.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:04:02Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35042.md"},{"reference_url":"https://drive.google.com/file/d/1Gj8rA1kD89lxUZVb_t-s3-18-ospJRJC/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:04:02Z/"}],"url":"https://drive.google.com/file/d/1Gj8rA1kD89lxUZVb_t-s3-18-ospJRJC/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35042"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4qv-tq4j-3uh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276489?format=json","vulnerability_id":"VCID-qdek-hd55-hbe2","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6adb1e.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35037","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35037"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35037.md","reference_id":"CVE-2022-35037.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:09:03Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35037.md"},{"reference_url":"https://drive.google.com/file/d/12SuaaZOa_I7ndwttQqaLWkBTWcIfTgu9/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:09:03Z/"}],"url":"https://drive.google.com/file/d/12SuaaZOa_I7ndwttQqaLWkBTWcIfTgu9/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35037"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qdek-hd55-hbe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276719?format=json","vulnerability_id":"VCID-qjxs-qf6j-zycc","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35484","reference_id":"","reference_type":"","scores":[{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56052","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56073","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56107","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56118","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56095","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56078","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35484"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35484"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjxs-qf6j-zycc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276493?format=json","vulnerability_id":"VCID-rrqw-zrh2-33dn","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b558f.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35041","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46922","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46939","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46886","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46941","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48481","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48484","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35041"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35041.md","reference_id":"CVE-2022-35041.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:05:30Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35041.md"},{"reference_url":"https://drive.google.com/file/d/1pzPVwMvEu-qvuyw6Mbu42zuKoaq6cp-6/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:05:30Z/"}],"url":"https://drive.google.com/file/d/1pzPVwMvEu-qvuyw6Mbu42zuKoaq6cp-6/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35041"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rrqw-zrh2-33dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276502?format=json","vulnerability_id":"VCID-rype-ss6b-aude","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b04de.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35050","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39883","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39908","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39831","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39886","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41123","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41089","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41072","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41103","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35050"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35050.md","reference_id":"CVE-2022-35050.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:48:41Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35050.md"},{"reference_url":"https://drive.google.com/file/d/1WdB1yvIoEvOB4iWh5TLiMJIzxUQNln56/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:48:41Z/"}],"url":"https://drive.google.com/file/d/1WdB1yvIoEvOB4iWh5TLiMJIzxUQNln56/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35050"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rype-ss6b-aude"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276506?format=json","vulnerability_id":"VCID-su1a-e49q-pffw","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6171b2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35054","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.38013","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.38038","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37968","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35054"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35054.md","reference_id":"CVE-2022-35054.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:58:48Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35054.md"},{"reference_url":"https://drive.google.com/file/d/1FoSPYJUO3hvUQywukndavdmu-45A-v2l/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:58:48Z/"}],"url":"https://drive.google.com/file/d/1FoSPYJUO3hvUQywukndavdmu-45A-v2l/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35054"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-su1a-e49q-pffw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276482?format=json","vulnerability_id":"VCID-t8bs-vvts-47ag","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35029","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35029"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35029.md","reference_id":"CVE-2022-35029.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:27:17Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35029.md"},{"reference_url":"https://drive.google.com/file/d/1x0eGL9tYqc7BEapsTqD78FTu9H8GKZ6l/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:27:17Z/"}],"url":"https://drive.google.com/file/d/1x0eGL9tYqc7BEapsTqD78FTu9H8GKZ6l/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35029"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t8bs-vvts-47ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276497?format=json","vulnerability_id":"VCID-tqm6-8w98-q3dr","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0d63.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35045","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.38013","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.38038","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37968","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35045"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35045.md","reference_id":"CVE-2022-35045.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:56:46Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35045.md"},{"reference_url":"https://drive.google.com/file/d/1eIYb4VDyDnXLCjXKSoFQjkmoXyaCmr-m/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:56:46Z/"}],"url":"https://drive.google.com/file/d/1eIYb4VDyDnXLCjXKSoFQjkmoXyaCmr-m/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35045"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqm6-8w98-q3dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276485?format=json","vulnerability_id":"VCID-tz15-rmx4-pkdq","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35032","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35032"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35032.md","reference_id":"CVE-2022-35032.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:13:45Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35032.md"},{"reference_url":"https://drive.google.com/file/d/1dldtU6kKgZbFdgQi4Md0p3t8RPOtKTG-/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T16:13:45Z/"}],"url":"https://drive.google.com/file/d/1dldtU6kKgZbFdgQi4Md0p3t8RPOtKTG-/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35032"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tz15-rmx4-pkdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276507?format=json","vulnerability_id":"VCID-u9ur-b18b-gfhr","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0473.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35055","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.38013","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.38038","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37968","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35055"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35055.md","reference_id":"CVE-2022-35055.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:57:29Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35055.md"},{"reference_url":"https://drive.google.com/file/d/1PZ0D3DslISfUxI6CJ--giXQHYKE0JZ7K/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:57:29Z/"}],"url":"https://drive.google.com/file/d/1PZ0D3DslISfUxI6CJ--giXQHYKE0JZ7K/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35055"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9ur-b18b-gfhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276511?format=json","vulnerability_id":"VCID-utve-4z7c-tkhk","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0a32.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35060","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35060"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35060.md","reference_id":"CVE-2022-35060.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T15:20:16Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35060.md"},{"reference_url":"https://drive.google.com/file/d/1VYQgASJR85XpuaakJJxRh_HmAoa61Nce/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T15:20:16Z/"}],"url":"https://drive.google.com/file/d/1VYQgASJR85XpuaakJJxRh_HmAoa61Nce/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35060"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-utve-4z7c-tkhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276699?format=json","vulnerability_id":"VCID-v7pb-brn7-v7ah","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0478.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35463","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5343","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53489","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35463"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35463"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v7pb-brn7-v7ah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276501?format=json","vulnerability_id":"VCID-v9pk-ecc9-yqbm","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b03b5.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35049","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54022","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55628","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55607","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5559","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55618","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35049"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35049.md","reference_id":"CVE-2022-35049.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:49:56Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35049.md"},{"reference_url":"https://drive.google.com/file/d/1h9mF80-Q13S3ZDZGLEM7hBIzCPwNDWhm/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:49:56Z/"}],"url":"https://drive.google.com/file/d/1h9mF80-Q13S3ZDZGLEM7hBIzCPwNDWhm/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35049"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v9pk-ecc9-yqbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276690?format=json","vulnerability_id":"VCID-vfty-pe45-pya4","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c08a6.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35453","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35453"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35453"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vfty-pe45-pya4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276484?format=json","vulnerability_id":"VCID-vk2y-ftzh-sqgh","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35031","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51835","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51819","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5187","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51806","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51767","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51822","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35031"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35031.md","reference_id":"CVE-2022-35031.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:25:21Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35031.md"},{"reference_url":"https://drive.google.com/file/d/1ekHL103KNESRt8yFKhRfnhyzqlYRRUfs/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:25:21Z/"}],"url":"https://drive.google.com/file/d/1ekHL103KNESRt8yFKhRfnhyzqlYRRUfs/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35031"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vk2y-ftzh-sqgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276500?format=json","vulnerability_id":"VCID-whjt-pvqp-jycr","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0b2c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35048","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54022","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55628","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55607","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5559","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55618","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35048"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35048.md","reference_id":"CVE-2022-35048.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:52:18Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35048.md"},{"reference_url":"https://drive.google.com/file/d/18cCD_Z6TDbx9IDQQKq3ZTALMGWSl_qWH/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:52:18Z/"}],"url":"https://drive.google.com/file/d/18cCD_Z6TDbx9IDQQKq3ZTALMGWSl_qWH/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35048"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-whjt-pvqp-jycr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276721?format=json","vulnerability_id":"VCID-whmq-gsw4-sbgg","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35486","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51881","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51866","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35486"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35486"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-whmq-gsw4-sbgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276498?format=json","vulnerability_id":"VCID-wngf-qn2d-ykef","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0466.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35046","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39969","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39996","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39918","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39971","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41177","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41144","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41127","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41157","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35046"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35046.md","reference_id":"CVE-2022-35046.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:54:50Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35046.md"},{"reference_url":"https://drive.google.com/file/d/1M8imA5zUlsMA6lgUbvLQ6rbEn6CO6QKq/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T15:54:50Z/"}],"url":"https://drive.google.com/file/d/1M8imA5zUlsMA6lgUbvLQ6rbEn6CO6QKq/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35046"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wngf-qn2d-ykef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276521?format=json","vulnerability_id":"VCID-ws93-jgn7-83c8","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x65fc97.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35070","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39285","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39259","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35070"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35070"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ws93-jgn7-83c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276481?format=json","vulnerability_id":"VCID-xfy6-snb8-63av","summary":"OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35028","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51835","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51819","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5187","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51806","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51767","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51822","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35028"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35028.md","reference_id":"CVE-2022-35028.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:09:47Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35028.md"},{"reference_url":"https://drive.google.com/file/d/15hma-XPdkV0NfZZweuyYuxa8rMAfKbRG/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:09:47Z/"}],"url":"https://drive.google.com/file/d/15hma-XPdkV0NfZZweuyYuxa8rMAfKbRG/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35028"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfy6-snb8-63av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276688?format=json","vulnerability_id":"VCID-xrgb-9dwh-mubm","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b03b5.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35451","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35451"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35451"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xrgb-9dwh-mubm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276714?format=json","vulnerability_id":"VCID-xxn1-2trx-myhs","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35478","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.5185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51848","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51881","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51866","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35478"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35478"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xxn1-2trx-myhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276718?format=json","vulnerability_id":"VCID-xzdx-45tg-w7ft","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35483","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37918","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37943","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37871","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37899","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37863","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37838","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35483"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35483"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzdx-45tg-w7ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276712?format=json","vulnerability_id":"VCID-y2pg-cgqs-s3gb","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35476","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37918","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37943","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37871","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37899","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37863","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37838","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35476"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35476"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y2pg-cgqs-s3gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276717?format=json","vulnerability_id":"VCID-y4qh-ek9n-cyc1","summary":"OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35482","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37918","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37943","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37871","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37899","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37863","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37838","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35482"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35482"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4qh-ek9n-cyc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276510?format=json","vulnerability_id":"VCID-ys96-uhkv-2qgv","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0414.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35059","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.51998","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52024","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.5199","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52045","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53452","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35059"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35059.md","reference_id":"CVE-2022-35059.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:53:00Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35059.md"},{"reference_url":"https://drive.google.com/file/d/1W9KM7OGlkMu1_7Y1mT_-eEbQJlRDfAJO/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:53:00Z/"}],"url":"https://drive.google.com/file/d/1W9KM7OGlkMu1_7Y1mT_-eEbQJlRDfAJO/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35059"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ys96-uhkv-2qgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276694?format=json","vulnerability_id":"VCID-zbsq-dfju-mkf5","summary":"OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05ce.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35458","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39286","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39314","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39258","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35458"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602","reference_id":"1019602","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35458"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zbsq-dfju-mkf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/276508?format=json","vulnerability_id":"VCID-zqjn-srqb-kfcg","summary":"OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0478.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35056","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.51998","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52024","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.5199","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52045","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53468","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53452","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35056"},{"reference_url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35056.md","reference_id":"CVE-2022-35056.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:54:45Z/"}],"url":"https://github.com/Cvjark/Poc/blob/main/otfcc/CVE-2022-35056.md"},{"reference_url":"https://drive.google.com/file/d/1OgmLjZ9VnEbzFh8tqyhPlVGJtdrhgfWz/view?usp=sharing","reference_id":"view?usp=sharing","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:54:45Z/"}],"url":"https://drive.google.com/file/d/1OgmLjZ9VnEbzFh8tqyhPlVGJtdrhgfWz/view?usp=sharing"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994446?format=json","purl":"pkg:deb/debian/texlive-bin@2026.20260303.78225%2Bds-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2026.20260303.78225%252Bds-1"}],"aliases":["CVE-2022-35056"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zqjn-srqb-kfcg"}],"fixing_vulnerabilities":[],"risk_score":"3.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2025.20250727.75242%252Bds-5"}