{"id":"CVE-2022-35015","details":"Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.","modified":"2026-03-20T12:06:03.797966Z","published":"2022-08-29T14:15:11.417Z","related":["MGASA-2022-0479"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYG2XAL4MBS7ADGJWYRUKBLDTBJFPJER/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQHLMLFHPV5C7PTBZML6U72QT6VNEOEF/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XP42AC5VPTY45QKMRL3W4G4EXIUMFXRE/"},{"type":"EVIDENCE","url":"https://github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35015.md"},{"type":"EVIDENCE","url":"https://drive.google.com/file/d/1pxNOlyl5mWXdVwkmCD4ZuXEPxI3PZAac/view?usp=sharing"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/amadvance/advancecomp","events":[{"introduced":"0"},{"last_affected":"a543d4ce2897739d5ae44b89d26cd683b70c8d61"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.3"}]}}],"versions":["advancecomp-1_10","advancecomp-1_11","advancecomp-1_12","advancecomp-1_14","advancecomp-1_15","advancecomp-1_5","advancecomp-1_6","advancecomp-1_7","advancecomp-1_8","advancecomp-1_9","start","v1.16","v1.20","v1.21","v1.22","v1.23","v2.0","v2.1","v2.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-35015.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"0"},{"last_affected":"37"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}