Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

Type deb

Namespace debian

Name edk2

Version 2020.11-2+deb11u2

Qualifiers

distro	trixie

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2020.11-2+deb11u3

Latest_non_vulnerable_version 2025.11-5

Affected_by_vulnerabilities

url VCID-65n6-vsa9-73bq

vulnerability_id VCID-65n6-vsa9-73bq

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45236.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45236.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45236

reference_id

reference_type

scores

value	0.00376
scoring_system	epss
scoring_elements	0.59602
published_at	2026-06-11T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59711
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45236

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45236
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45236

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063726
reference_id	1063726
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063726

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:43:01Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258703
reference_id	2258703
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258703

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:43:01Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:43:01Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url	https://access.redhat.com/errata/RHSA-2024:4419
reference_id	RHSA-2024:4419
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4419

reference_url	https://access.redhat.com/errata/RHSA-2024:4749
reference_id	RHSA-2024:4749
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4749

reference_url	https://access.redhat.com/errata/RHSA-2024:5297
reference_id	RHSA-2024:5297
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5297

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url	pkg:deb/debian/edk2@2024.05-1?distro=trixie
purl	pkg:deb/debian/edk2@2024.05-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2024.05-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45236

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-65n6-vsa9-73bq

url VCID-7k27-cwba-33em

vulnerability_id VCID-7k27-cwba-33em

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13176.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13176.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-13176

reference_id

reference_type

scores

value	0.001
scoring_system	epss
scoring_elements	0.27203
published_at	2026-06-11T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.27404
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-13176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844

reference_id

07272b05b04836a762b4baa874958af51d513844

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/

url

https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844

reference_url

https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded

reference_id

0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/

url

https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027
reference_id	1094027
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027

reference_url

https://openssl-library.org/news/secadv/20250120.txt

reference_id

20250120.txt

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/

url

https://openssl-library.org/news/secadv/20250120.txt

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2338999
reference_id	2338999
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2338999

reference_url

https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467

reference_id

2af62e74fb59bc469506bc37eb2990ea408d9467

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/

url

https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467

reference_url

https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902

reference_id

392dcb336405a0c94486aa6655057f59fd3a0902

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/

url

https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902

reference_url

https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65

reference_id

4b1cb94a734a7d4ec363ac0a215a25c181e11f65

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/

url

https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65

reference_url

https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f

reference_id

77c608f4c8857e63e98e66444e2e761c9627916f

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/

url

https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f

reference_url

https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86

reference_id

a2639000db19878d5d89586ae7b725080592ae86

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/

url

https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86

reference_url	https://usn.ubuntu.com/7264-1/
reference_id	USN-7264-1
reference_type
scores
url	https://usn.ubuntu.com/7264-1/

reference_url	https://usn.ubuntu.com/7278-1/
reference_id	USN-7278-1
reference_type
scores
url	https://usn.ubuntu.com/7278-1/

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2024-13176

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7k27-cwba-33em

url VCID-8yqn-3pca-dqdq

vulnerability_id VCID-8yqn-3pca-dqdq

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2296.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2296.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-2296

reference_id

reference_type

scores

value	0.0013
scoring_system	epss
scoring_elements	0.32031
published_at	2026-06-11T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32217
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-2296

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2296
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2296

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2420637
reference_id	2420637
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2420637

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-6pp6-cm5h-86g5

reference_id

GHSA-6pp6-cm5h-86g5

reference_type

scores

value	8.4
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-09T15:11:03Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-6pp6-cm5h-86g5

reference_url	https://access.redhat.com/errata/RHSA-2026:18465
reference_id	RHSA-2026:18465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18465

fixed_packages

url	pkg:deb/debian/edk2@2025.02-1?distro=trixie
purl	pkg:deb/debian/edk2@2025.02-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2025-2296

risk_score 3.8

exploitability 0.5

weighted_severity 7.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8yqn-3pca-dqdq

url VCID-ged6-dpmk-dbd5

vulnerability_id VCID-ged6-dpmk-dbd5

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38798.json

reference_id

reference_type

scores

value	5.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38798.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-38798

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05395
published_at	2026-06-11T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05417
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-38798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38798

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122288
reference_id	1122288
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122288

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2420643
reference_id	2420643
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2420643

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-q2c6-37h5-7cwf

reference_id

GHSA-q2c6-37h5-7cwf

reference_type

scores

value	5.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-09T15:14:01Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-q2c6-37h5-7cwf

fixed_packages

url	pkg:deb/debian/edk2@2025.11-1?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-1%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2024-38798

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ged6-dpmk-dbd5

url VCID-jv1m-wgs7-8ubs

vulnerability_id VCID-jv1m-wgs7-8ubs

summary EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-38805

reference_id

reference_type

scores

value	0.00152
scoring_system	epss
scoring_elements	0.35705
published_at	2026-06-11T12:55:00Z

value	0.00152
scoring_system	epss
scoring_elements	0.35885
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-38805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38805

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111100
reference_id	1111100
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111100

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-p7wp-52j7-6r5x

reference_id

GHSA-p7wp-52j7-6r5x

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:34:25Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-p7wp-52j7-6r5x

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2024-38805

risk_score 2.9

exploitability 0.5

weighted_severity 5.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jv1m-wgs7-8ubs

url VCID-nd65-8cs1-akdd

vulnerability_id VCID-nd65-8cs1-akdd

summary EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-2295

reference_id

reference_type

scores

value	0.00041
scoring_system	epss
scoring_elements	0.12853
published_at	2026-06-11T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12948
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-2295

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2295
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2295

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100594
reference_id	1100594
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100594

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-8522-69fh-w74x

reference_id

GHSA-8522-69fh-w74x

reference_type

scores

value	3.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-17T15:58:41Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-8522-69fh-w74x

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url	pkg:deb/debian/edk2@2025.02-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.02-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-4%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2025-2295

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nd65-8cs1-akdd

url VCID-q2wg-vfs5-93bd

vulnerability_id VCID-q2wg-vfs5-93bd

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45237.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45237.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45237

reference_id

reference_type

scores

value	0.00376
scoring_system	epss
scoring_elements	0.59602
published_at	2026-06-11T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59711
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45237

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063727
reference_id	1063727
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063727

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T19:58:00Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258706
reference_id	2258706
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258706

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T19:58:00Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T19:58:00Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url	https://access.redhat.com/errata/RHSA-2024:4419
reference_id	RHSA-2024:4419
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4419

reference_url	https://access.redhat.com/errata/RHSA-2024:4749
reference_id	RHSA-2024:4749
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4749

reference_url	https://access.redhat.com/errata/RHSA-2024:5297
reference_id	RHSA-2024:5297
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5297

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url	pkg:deb/debian/edk2@2024.05-1?distro=trixie
purl	pkg:deb/debian/edk2@2024.05-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2024.05-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45237

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2wg-vfs5-93bd

url VCID-sakv-myv8-2yfs

vulnerability_id VCID-sakv-myv8-2yfs

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38797.json

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38797.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-38797

reference_id

reference_type

scores

value	0.00047
scoring_system	epss
scoring_elements	0.14959
published_at	2026-06-11T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.1508
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-38797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38797

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102519
reference_id	1102519
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102519

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2358006
reference_id	2358006
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2358006

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-4wjw-6xmf-44xf

reference_id

GHSA-4wjw-6xmf-44xf

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T14:20:28Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-4wjw-6xmf-44xf

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url	pkg:deb/debian/edk2@2025.02-8?distro=trixie
purl	pkg:deb/debian/edk2@2025.02-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2024-38797

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sakv-myv8-2yfs

url VCID-x9v2-b2pw-y3ez

vulnerability_id VCID-x9v2-b2pw-y3ez

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-3770

reference_id

reference_type

scores

value	0.00099
scoring_system	epss
scoring_elements	0.27052
published_at	2026-06-11T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27256
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-3770

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3770
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3770

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110533
reference_id	1110533
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110533

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-vx5v-4gg6-6qxr

reference_id

GHSA-vx5v-4gg6-6qxr

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:28:05Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-vx5v-4gg6-6qxr

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2025-3770

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x9v2-b2pw-y3ez

Fixing_vulnerabilities

url VCID-1chb-ubnq-rfd8

vulnerability_id VCID-1chb-ubnq-rfd8

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45231.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45231.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45231

reference_id

reference_type

scores

value	0.00106
scoring_system	epss
scoring_elements	0.28344
published_at	2026-06-12T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28149
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256
reference_id	1061256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258688
reference_id	2258688
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258688

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_id

PixieFail-Proof-Of-Concepts.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/

url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_url	https://access.redhat.com/errata/RHSA-2024:2264
reference_id	RHSA-2024:2264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2264

reference_url	https://access.redhat.com/errata/RHSA-2024:3017
reference_id	RHSA-2024:3017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3017

reference_url	https://access.redhat.com/errata/RHSA-2024:4419
reference_id	RHSA-2024:4419
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4419

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-6?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45231

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1chb-ubnq-rfd8

url VCID-1x4n-k1u8-dufa

vulnerability_id VCID-1x4n-k1u8-dufa

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11098.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11098.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11098

reference_id

reference_type

scores

value	0.0006
scoring_system	epss
scoring_elements	0.18972
published_at	2026-06-11T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.19137
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11098

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2007434
reference_id	2007434
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2007434

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991495
reference_id	991495
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991495

reference_url	https://usn.ubuntu.com/5088-1/
reference_id	USN-5088-1
reference_type
scores
url	https://usn.ubuntu.com/5088-1/

fixed_packages

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-5%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-11098

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1x4n-k1u8-dufa

url VCID-2jhv-n48s-cueg

vulnerability_id VCID-2jhv-n48s-cueg

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38796.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38796.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-38796

reference_id

reference_type

scores

value	0.00067
scoring_system	epss
scoring_elements	0.20948
published_at	2026-06-11T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.21124
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-38796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084055
reference_id	1084055
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084055

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2315390
reference_id	2315390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2315390

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-xpcr-7hjq-m6qm

reference_id

GHSA-xpcr-7hjq-m6qm

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T13:57:08Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-xpcr-7hjq-m6qm

reference_url	https://access.redhat.com/errata/RHSA-2024:10268
reference_id	RHSA-2024:10268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10268

reference_url	https://access.redhat.com/errata/RHSA-2024:10272
reference_id	RHSA-2024:10272
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10272

reference_url	https://access.redhat.com/errata/RHSA-2024:11185
reference_id	RHSA-2024:11185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11185

reference_url	https://access.redhat.com/errata/RHSA-2024:11194
reference_id	RHSA-2024:11194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11194

reference_url	https://access.redhat.com/errata/RHSA-2024:11219
reference_id	RHSA-2024:11219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11219

reference_url	https://access.redhat.com/errata/RHSA-2024:9921
reference_id	RHSA-2024:9921
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9921

reference_url	https://access.redhat.com/errata/RHSA-2024:9930
reference_id	RHSA-2024:9930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9930

reference_url	https://access.redhat.com/errata/RHSA-2024:9946
reference_id	RHSA-2024:9946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9946

reference_url	https://access.redhat.com/errata/RHSA-2024:9956
reference_id	RHSA-2024:9956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9956

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2024.08-3?distro=trixie
purl	pkg:deb/debian/edk2@2024.08-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2024.08-3%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2024-38796

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jhv-n48s-cueg

url VCID-2y4v-rme2-efe4

vulnerability_id VCID-2y4v-rme2-efe4

summary Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12183.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12183

reference_id

reference_type

scores

value	0.00087
scoring_system	epss
scoring_elements	0.25014
published_at	2026-06-11T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.25213
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12183

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1694077
reference_id	1694077
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1694077

reference_url	https://usn.ubuntu.com/6920-1/
reference_id	USN-6920-1
reference_type
scores
url	https://usn.ubuntu.com/6920-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20181115.85588389-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20181115.85588389-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2018-12183

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2y4v-rme2-efe4

url VCID-31gf-12w2-xydp

vulnerability_id VCID-31gf-12w2-xydp

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14562.json

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14562.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14562

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13985
published_at	2026-06-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.14108
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14562

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14562
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14562

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1869245
reference_id	1869245
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1869245

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968819
reference_id	968819
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968819

reference_url	https://usn.ubuntu.com/4684-1/
reference_id	USN-4684-1
reference_type
scores
url	https://usn.ubuntu.com/4684-1/

fixed_packages

url	pkg:deb/debian/edk2@2020.05-4?distro=trixie
purl	pkg:deb/debian/edk2@2020.05-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.05-4%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14562

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31gf-12w2-xydp

url VCID-355j-gykj-p3a9

vulnerability_id VCID-355j-gykj-p3a9

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45229.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45229.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45229

reference_id

reference_type

scores

value	0.00106
scoring_system	epss
scoring_elements	0.28344
published_at	2026-06-12T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28149
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45229

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256
reference_id	1061256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:42Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258677
reference_id	2258677
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258677

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:42Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:42Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_id

PixieFail-Proof-Of-Concepts.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:42Z/

url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_url	https://access.redhat.com/errata/RHSA-2024:2264
reference_id	RHSA-2024:2264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2264

reference_url	https://access.redhat.com/errata/RHSA-2024:3017
reference_id	RHSA-2024:3017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3017

reference_url	https://access.redhat.com/errata/RHSA-2024:4419
reference_id	RHSA-2024:4419
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4419

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-6?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45229

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-355j-gykj-p3a9

url VCID-3k3f-q3mm-b7bh

vulnerability_id VCID-3k3f-q3mm-b7bh

summary The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based decision to continue running inside the Shell itself, which is believed to be sufficient to enforce Secure Boot restrictions. This is an additional repair on top of the incomplete fix for CVE-2023-48733.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2486.json

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2486.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-2486

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.05069
published_at	2026-06-11T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.05071
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-2486

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2486
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2486

reference_url

https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2101797

reference_id

2101797

reference_type

scores

value	3.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T18:25:19Z/

url

https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2101797

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2417316
reference_id	2417316
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2417316

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-7?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-7%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2025-2486

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3k3f-q3mm-b7bh

url VCID-5yjh-psz8-jqdb

vulnerability_id VCID-5yjh-psz8-jqdb

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36765.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36765.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-36765

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.12261
published_at	2026-06-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12352
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-36765

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36765
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36765

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408
reference_id	1060408
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257584
reference_id	2257584
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257584

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx

reference_id

GHSA-ch4w-v7m3-g8wx

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:56:33Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx

reference_url	https://access.redhat.com/errata/RHSA-2024:3017
reference_id	RHSA-2024:3017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3017

reference_url	https://access.redhat.com/errata/RHSA-2024:4749
reference_id	RHSA-2024:4749
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4749

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:56:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-5%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2022-36765

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yjh-psz8-jqdb

url VCID-66un-t5ta-mqcw

vulnerability_id VCID-66un-t5ta-mqcw

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12181.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12181.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12181

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.3375
published_at	2026-06-11T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33929
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12181

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1686783
reference_id	1686783
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1686783

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615
reference_id	924615
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615

reference_url	https://access.redhat.com/errata/RHSA-2019:2125
reference_id	RHSA-2019:2125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2125

reference_url	https://access.redhat.com/errata/RHSA-2019:3338
reference_id	RHSA-2019:3338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3338

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie
purl	pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-3%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2018-12181

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66un-t5ta-mqcw

url VCID-6pc9-c7na-u7ej

vulnerability_id VCID-6pc9-c7na-u7ej

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1298.json

reference_id

reference_type

scores

value	6.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1298.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1298

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.0998
published_at	2026-06-11T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.1003
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1298

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2284243
reference_id	2284243
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2284243

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7NUL7NSZQ76A5OKDUCODQNY7WSX4SST/

reference_id

F7NUL7NSZQ76A5OKDUCODQNY7WSX4SST

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-13T14:21:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7NUL7NSZQ76A5OKDUCODQNY7WSX4SST/

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53

reference_id

GHSA-chfw-xj8f-6m53

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-13T14:21:54Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53

reference_url	https://access.redhat.com/errata/RHSA-2024:4747
reference_id	RHSA-2024:4747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4747

reference_url	https://access.redhat.com/errata/RHSA-2024:5297
reference_id	RHSA-2024:5297
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5297

reference_url	https://access.redhat.com/errata/RHSA-2024:5623
reference_id	RHSA-2024:5623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5623

reference_url	https://access.redhat.com/errata/RHSA-2024:9088
reference_id	RHSA-2024:9088
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9088

reference_url	https://usn.ubuntu.com/7894-1/
reference_id	USN-7894-1
reference_type
scores
url	https://usn.ubuntu.com/7894-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIMEZWDKEIQKU7NMHKL57DOCITPGEXYN/

reference_id

VIMEZWDKEIQKU7NMHKL57DOCITPGEXYN

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-13T14:21:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIMEZWDKEIQKU7NMHKL57DOCITPGEXYN/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2024.05-1?distro=trixie
purl	pkg:deb/debian/edk2@2024.05-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2024.05-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2024-1298

risk_score 2.7

exploitability 0.5

weighted_severity 5.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pc9-c7na-u7ej

url VCID-7jxw-nwrz-33e2

vulnerability_id VCID-7jxw-nwrz-33e2

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45233.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45233.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45233

reference_id

reference_type

scores

value	0.00383
scoring_system	epss
scoring_elements	0.60131
published_at	2026-06-12T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.60023
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45233

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256
reference_id	1061256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258694
reference_id	2258694
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258694

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_id

PixieFail-Proof-Of-Concepts.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/

url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_url	https://access.redhat.com/errata/RHSA-2024:2264
reference_id	RHSA-2024:2264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2264

reference_url	https://access.redhat.com/errata/RHSA-2024:3017
reference_id	RHSA-2024:3017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3017

reference_url	https://access.redhat.com/errata/RHSA-2024:8104
reference_id	RHSA-2024:8104
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8104

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-6?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45233

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7jxw-nwrz-33e2

url VCID-8dg1-wu52-qye9

vulnerability_id VCID-8dg1-wu52-qye9

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14586.json

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14586.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14586

reference_id

reference_type

scores

value	0.00135
scoring_system	epss
scoring_elements	0.33118
published_at	2026-06-11T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.333
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14586

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14586
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14586

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1833340
reference_id	1833340
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1833340

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14586

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8dg1-wu52-qye9

url VCID-8x9f-yvhc-u3gn

vulnerability_id VCID-8x9f-yvhc-u3gn

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0160.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0160.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0160

reference_id

reference_type

scores

value	0.0028
scoring_system	epss
scoring_elements	0.51725
published_at	2026-06-11T12:55:00Z

value	0.0028
scoring_system	epss
scoring_elements	0.51855
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0160

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0160
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0160

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1691640
reference_id	1691640
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1691640

reference_url	https://access.redhat.com/errata/RHSA-2019:2125
reference_id	RHSA-2019:2125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2125

reference_url	https://access.redhat.com/errata/RHSA-2019:3338
reference_id	RHSA-2019:3338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3338

reference_url	https://usn.ubuntu.com/6920-1/
reference_id	USN-6920-1
reference_type
scores
url	https://usn.ubuntu.com/6920-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20181115.85588389-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20181115.85588389-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-0160

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8x9f-yvhc-u3gn

url VCID-9h6p-27t6-3ycb

vulnerability_id VCID-9h6p-27t6-3ycb

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45232.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45232.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45232

reference_id

reference_type

scores

value	0.00383
scoring_system	epss
scoring_elements	0.60131
published_at	2026-06-12T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.60023
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256
reference_id	1061256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258691
reference_id	2258691
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258691

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_id

PixieFail-Proof-Of-Concepts.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/

url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_url	https://access.redhat.com/errata/RHSA-2024:2264
reference_id	RHSA-2024:2264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2264

reference_url	https://access.redhat.com/errata/RHSA-2024:3017
reference_id	RHSA-2024:3017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3017

reference_url	https://access.redhat.com/errata/RHSA-2024:8104
reference_id	RHSA-2024:8104
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8104

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-6?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45232

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9h6p-27t6-3ycb

url VCID-a4xf-yhxe-6fcx

vulnerability_id VCID-a4xf-yhxe-6fcx

summary Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12179.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12179.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12179

reference_id

reference_type

scores

value	0.00118
scoring_system	epss
scoring_elements	0.30195
published_at	2026-06-11T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30391
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12179

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1694072
reference_id	1694072
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1694072

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927484
reference_id	927484
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927484

fixed_packages

url	pkg:deb/debian/edk2@0~20190606.20d2e5a1-2?distro=trixie
purl	pkg:deb/debian/edk2@0~20190606.20d2e5a1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20190606.20d2e5a1-2%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2018-12179

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a4xf-yhxe-6fcx

url VCID-ar6r-6h5b-qucb

vulnerability_id VCID-ar6r-6h5b-qucb

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14587.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14587.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14587

reference_id

reference_type

scores

value	0.00188
scoring_system	epss
scoring_elements	0.40473
published_at	2026-06-11T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40641
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14587

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1833352
reference_id	1833352
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1833352

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14587

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ar6r-6h5b-qucb

url VCID-b1fy-sz37-gbcr

vulnerability_id VCID-b1fy-sz37-gbcr

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36764.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36764.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-36764

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.12261
published_at	2026-06-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12352
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-36764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408
reference_id	1060408
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257583
reference_id	2257583
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257583

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j

reference_id

GHSA-4hcq-p8q8-hj8j

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-06T21:12:01Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j

reference_url	https://access.redhat.com/errata/RHSA-2024:2264
reference_id	RHSA-2024:2264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2264

reference_url	https://access.redhat.com/errata/RHSA-2024:3017
reference_id	RHSA-2024:3017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3017

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-06T21:12:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-5%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2022-36764

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b1fy-sz37-gbcr

url VCID-c3z4-pfva-gbfw

vulnerability_id VCID-c3z4-pfva-gbfw

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14575.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14575.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14575

reference_id

reference_type

scores

value	0.00061
scoring_system	epss
scoring_elements	0.19308
published_at	2026-06-11T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19478
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14575

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1736862
reference_id	1736862
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1736862

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952935
reference_id	952935
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952935

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14575

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3z4-pfva-gbfw

url VCID-c5bn-9xcp-73fz

vulnerability_id VCID-c5bn-9xcp-73fz

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38578.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38578.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38578

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.20045
published_at	2026-06-11T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20218
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38578

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38578
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38578

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014468
reference_id	1014468
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014468

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1960321
reference_id	1960321
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1960321

reference_url	https://access.redhat.com/errata/RHSA-2023:2165
reference_id	RHSA-2023:2165
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2165

reference_url

https://www.insyde.com/security-pledge/SA-2023024

reference_id

SA-2023024

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:13:33Z/

url

https://www.insyde.com/security-pledge/SA-2023024

reference_url

https://bugzilla.tianocore.org/show_bug.cgi?id=3387

reference_id

show_bug.cgi?id=3387

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:13:33Z/

url

https://bugzilla.tianocore.org/show_bug.cgi?id=3387

reference_url	https://usn.ubuntu.com/7060-1/
reference_id	USN-7060-1
reference_type
scores
url	https://usn.ubuntu.com/7060-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2021-38578

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c5bn-9xcp-73fz

url VCID-cbqv-2g8x-kkde

vulnerability_id VCID-cbqv-2g8x-kkde

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14584.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14584.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14584

reference_id

reference_type

scores

value	0.00081
scoring_system	epss
scoring_elements	0.23926
published_at	2026-06-11T12:55:00Z

value	0.00081
scoring_system	epss
scoring_elements	0.24124
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14584

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14584

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1889486
reference_id	1889486
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1889486

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977300
reference_id	977300
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977300

reference_url

https://security.archlinux.org/AVG-1359

reference_id

AVG-1359

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1359

reference_url	https://access.redhat.com/errata/RHSA-2021:4198
reference_id	RHSA-2021:4198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4198

reference_url	https://usn.ubuntu.com/4684-1/
reference_id	USN-4684-1
reference_type
scores
url	https://usn.ubuntu.com/4684-1/

fixed_packages

url	pkg:deb/debian/edk2@2020.11-1?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14584

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbqv-2g8x-kkde

url VCID-cpmg-e86j-bqa1

vulnerability_id VCID-cpmg-e86j-bqa1

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14563.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14563.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14563

reference_id

reference_type

scores

value	0.00054
scoring_system	epss
scoring_elements	0.17321
published_at	2026-06-11T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17484
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14563

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14563
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14563

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758620
reference_id	1758620
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758620

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952934
reference_id	952934
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952934

reference_url	https://access.redhat.com/errata/RHSA-2020:1712
reference_id	RHSA-2020:1712
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1712

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14563

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cpmg-e86j-bqa1

url VCID-gm1h-rs6h-pkc7

vulnerability_id VCID-gm1h-rs6h-pkc7

summary private key recovery

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28213.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28213.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28213

reference_id

reference_type

scores

value	0.0027
scoring_system	epss
scoring_elements	0.50732
published_at	2026-06-11T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50865
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28213

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28213
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28213

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1971724
reference_id	1971724
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1971724

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989988
reference_id	989988
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989988

reference_url

https://security.archlinux.org/AVG-2070

reference_id

AVG-2070

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2070

fixed_packages

url	pkg:deb/debian/edk2@0~20190606.20d2e5a1-2?distro=trixie
purl	pkg:deb/debian/edk2@0~20190606.20d2e5a1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20190606.20d2e5a1-2%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2021-28213

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gm1h-rs6h-pkc7

url VCID-gup5-ax7z-2bdg

vulnerability_id VCID-gup5-ax7z-2bdg

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28211.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28211.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28211

reference_id

reference_type

scores

value	0.0006
scoring_system	epss
scoring_elements	0.18957
published_at	2026-06-11T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.19122
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28211

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28211

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1883529
reference_id	1883529
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1883529

reference_url

https://security.archlinux.org/AVG-1697

reference_id

AVG-1697

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1697

reference_url	https://access.redhat.com/errata/RHSA-2021:2591
reference_id	RHSA-2021:2591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2591

reference_url	https://usn.ubuntu.com/4923-1/
reference_id	USN-4923-1
reference_type
scores
url	https://usn.ubuntu.com/4923-1/

reference_url	https://usn.ubuntu.com/7060-1/
reference_id	USN-7060-1
reference_type
scores
url	https://usn.ubuntu.com/7060-1/

fixed_packages

url	pkg:deb/debian/edk2@2020.11-1?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2021-28211

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gup5-ax7z-2bdg

url VCID-h36x-48bc-zbeb

vulnerability_id VCID-h36x-48bc-zbeb

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14553.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14553.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14553

reference_id

reference_type

scores

value	0.00113
scoring_system	epss
scoring_elements	0.29475
published_at	2026-06-11T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29676
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14553

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14553
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14553

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758518
reference_id	1758518
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758518

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941775
reference_id	941775
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941775

fixed_packages

url	pkg:deb/debian/edk2@0~20190828.37eef910-4?distro=trixie
purl	pkg:deb/debian/edk2@0~20190828.37eef910-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20190828.37eef910-4%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14553

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h36x-48bc-zbeb

url VCID-hhjb-rahv-x3ee

vulnerability_id VCID-hhjb-rahv-x3ee

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45234.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45234.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45234

reference_id

reference_type

scores

value	0.00243
scoring_system	epss
scoring_elements	0.47926
published_at	2026-06-12T12:55:00Z

value	0.00243
scoring_system	epss
scoring_elements	0.47785
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45234

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45234
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45234

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256
reference_id	1061256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258697
reference_id	2258697
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258697

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_id

PixieFail-Proof-Of-Concepts.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/

url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1063
reference_id	RHSA-2024:1063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1063

reference_url	https://access.redhat.com/errata/RHSA-2024:1075
reference_id	RHSA-2024:1075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1075

reference_url	https://access.redhat.com/errata/RHSA-2024:1076
reference_id	RHSA-2024:1076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1076

reference_url	https://access.redhat.com/errata/RHSA-2024:1077
reference_id	RHSA-2024:1077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1077

reference_url	https://access.redhat.com/errata/RHSA-2024:1305
reference_id	RHSA-2024:1305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1305

reference_url	https://access.redhat.com/errata/RHSA-2024:1415
reference_id	RHSA-2024:1415
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1415

reference_url	https://access.redhat.com/errata/RHSA-2024:1722
reference_id	RHSA-2024:1722
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1722

reference_url	https://access.redhat.com/errata/RHSA-2024:3497
reference_id	RHSA-2024:3497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3497

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-6?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45234

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhjb-rahv-x3ee

url VCID-hs11-bhe7-jfes

vulnerability_id VCID-hs11-bhe7-jfes

summary Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12178.json

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12178.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12178

reference_id

reference_type

scores

value	0.00448
scoring_system	epss
scoring_elements	0.63985
published_at	2026-06-11T12:55:00Z

value	0.00448
scoring_system	epss
scoring_elements	0.64087
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12178

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1683326
reference_id	1683326
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1683326

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615
reference_id	924615
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie
purl	pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-3%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2018-12178

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hs11-bhe7-jfes

url VCID-j4tr-y7kc-9qa2

vulnerability_id VCID-j4tr-y7kc-9qa2

summary A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38576

reference_id

reference_type

scores

value	0.00256
scoring_system	epss
scoring_elements	0.49323
published_at	2026-06-11T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.4946
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38576

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014468
reference_id	1014468
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014468

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2021.11-1?distro=trixie
purl	pkg:deb/debian/edk2@2021.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2021.11-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2021-38576

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4tr-y7kc-9qa2

url VCID-jxsp-caz3-w3b4

vulnerability_id VCID-jxsp-caz3-w3b4

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12180.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12180.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12180

reference_id

reference_type

scores

value	0.01331
scoring_system	epss
scoring_elements	0.80364
published_at	2026-06-11T12:55:00Z

value	0.01331
scoring_system	epss
scoring_elements	0.80426
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12180

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1683372
reference_id	1683372
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1683372

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615
reference_id	924615
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615

reference_url	https://access.redhat.com/errata/RHSA-2019:0809
reference_id	RHSA-2019:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0809

reference_url	https://access.redhat.com/errata/RHSA-2019:0968
reference_id	RHSA-2019:0968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0968

reference_url	https://access.redhat.com/errata/RHSA-2019:1116
reference_id	RHSA-2019:1116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1116

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie
purl	pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-3%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2018-12180

risk_score 3.8

exploitability 0.5

weighted_severity 7.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxsp-caz3-w3b4

url VCID-mw82-5nv3-w3aq

vulnerability_id VCID-mw82-5nv3-w3aq

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14558.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14558.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14558

reference_id

reference_type

scores

value	0.0012
scoring_system	epss
scoring_elements	0.30554
published_at	2026-06-11T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.3075
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14558

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1833347
reference_id	1833347
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1833347

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14558

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mw82-5nv3-w3aq

url VCID-pffk-ah4r-z7a7

vulnerability_id VCID-pffk-ah4r-z7a7

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38575.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38575.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38575

reference_id

reference_type

scores

value	0.00532
scoring_system	epss
scoring_elements	0.67726
published_at	2026-06-11T12:55:00Z

value	0.00532
scoring_system	epss
scoring_elements	0.67815
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38575

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956284
reference_id	1956284
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956284

reference_url

https://security.archlinux.org/AVG-2382

reference_id

AVG-2382

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2382

reference_url	https://access.redhat.com/errata/RHSA-2021:3066
reference_id	RHSA-2021:3066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3066

reference_url	https://access.redhat.com/errata/RHSA-2021:3172
reference_id	RHSA-2021:3172
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3172

reference_url	https://access.redhat.com/errata/RHSA-2021:3235
reference_id	RHSA-2021:3235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3235

reference_url	https://access.redhat.com/errata/RHSA-2021:3369
reference_id	RHSA-2021:3369
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3369

reference_url	https://usn.ubuntu.com/5088-1/
reference_id	USN-5088-1
reference_type
scores
url	https://usn.ubuntu.com/5088-1/

reference_url	https://usn.ubuntu.com/7060-1/
reference_id	USN-7060-1
reference_type
scores
url	https://usn.ubuntu.com/7060-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2021.08-1?distro=trixie
purl	pkg:deb/debian/edk2@2021.08-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2021.08-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2021-38575

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pffk-ah4r-z7a7

url VCID-qvye-vjn4-f3fh

vulnerability_id VCID-qvye-vjn4-f3fh

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45230.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45230.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45230

reference_id

reference_type

scores

value	0.00243
scoring_system	epss
scoring_elements	0.47926
published_at	2026-06-12T12:55:00Z

value	0.00243
scoring_system	epss
scoring_elements	0.47785
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45230

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45230
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45230

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256
reference_id	1061256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258685
reference_id	2258685
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258685

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_id

PixieFail-Proof-Of-Concepts.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/

url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1004
reference_id	RHSA-2024:1004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1004

reference_url	https://access.redhat.com/errata/RHSA-2024:1013
reference_id	RHSA-2024:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1013

reference_url	https://access.redhat.com/errata/RHSA-2024:1063
reference_id	RHSA-2024:1063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1063

reference_url	https://access.redhat.com/errata/RHSA-2024:1075
reference_id	RHSA-2024:1075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1075

reference_url	https://access.redhat.com/errata/RHSA-2024:1076
reference_id	RHSA-2024:1076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1076

reference_url	https://access.redhat.com/errata/RHSA-2024:1077
reference_id	RHSA-2024:1077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1077

reference_url	https://access.redhat.com/errata/RHSA-2024:1415
reference_id	RHSA-2024:1415
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1415

reference_url	https://access.redhat.com/errata/RHSA-2024:3497
reference_id	RHSA-2024:3497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3497

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-6?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45230

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvye-vjn4-f3fh

url VCID-rst3-u7cu-a7bb

vulnerability_id VCID-rst3-u7cu-a7bb

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36763.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36763.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-36763

reference_id

reference_type

scores

value	0.0006
scoring_system	epss
scoring_elements	0.19099
published_at	2026-06-11T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.19268
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-36763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408
reference_id	1060408
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257582
reference_id	2257582
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257582

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr

reference_id

GHSA-xvv8-66cq-prwr

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T19:10:15Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr

reference_url	https://access.redhat.com/errata/RHSA-2024:2264
reference_id	RHSA-2024:2264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2264

reference_url	https://access.redhat.com/errata/RHSA-2024:3017
reference_id	RHSA-2024:3017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3017

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T19:10:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-5%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2022-36763

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rst3-u7cu-a7bb

url VCID-rt2t-dxdx-muby

vulnerability_id VCID-rt2t-dxdx-muby

summary insufficient validation

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28216

reference_id

reference_type

scores

value	0.00137
scoring_system	epss
scoring_elements	0.33364
published_at	2026-06-11T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33546
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28216

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28216
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28216

reference_url

https://security.archlinux.org/AVG-2592

reference_id

AVG-2592

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2592

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2021.11~rc1-1?distro=trixie
purl	pkg:deb/debian/edk2@2021.11~rc1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2021.11~rc1-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2021-28216

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rt2t-dxdx-muby

url VCID-ssz2-3242-8ucs

vulnerability_id VCID-ssz2-3242-8ucs

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0161.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0161.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0161

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.14366
published_at	2026-06-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.14487
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0161

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1694065
reference_id	1694065
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1694065

reference_url	https://access.redhat.com/errata/RHSA-2019:2125
reference_id	RHSA-2019:2125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2125

reference_url	https://access.redhat.com/errata/RHSA-2019:2437
reference_id	RHSA-2019:2437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2437

reference_url	https://access.redhat.com/errata/RHSA-2019:3338
reference_id	RHSA-2019:3338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3338

reference_url	https://usn.ubuntu.com/7060-1/
reference_id	USN-7060-1
reference_type
scores
url	https://usn.ubuntu.com/7060-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20180803.dd4cae4d-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20180803.dd4cae4d-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20180803.dd4cae4d-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-0161

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssz2-3242-8ucs

url VCID-uv9x-qncd-x3e9

vulnerability_id VCID-uv9x-qncd-x3e9

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28210.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28210.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28210

reference_id

reference_type

scores

value	0.00118
scoring_system	epss
scoring_elements	0.3027
published_at	2026-06-11T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30465
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28210

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28210
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28210

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1883552
reference_id	1883552
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1883552

reference_url

https://security.archlinux.org/AVG-1697

reference_id

AVG-1697

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1697

reference_url	https://access.redhat.com/errata/RHSA-2021:4198
reference_id	RHSA-2021:4198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4198

reference_url	https://usn.ubuntu.com/4923-1/
reference_id	USN-4923-1
reference_type
scores
url	https://usn.ubuntu.com/4923-1/

reference_url	https://usn.ubuntu.com/7060-1/
reference_id	USN-7060-1
reference_type
scores
url	https://usn.ubuntu.com/7060-1/

fixed_packages

url	pkg:deb/debian/edk2@2020.11-1?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2021-28210

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uv9x-qncd-x3e9

url VCID-uyhp-7jdw-x7c3

vulnerability_id VCID-uyhp-7jdw-x7c3

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45235.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45235.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45235

reference_id

reference_type

scores

value	0.00313
scoring_system	epss
scoring_elements	0.55013
published_at	2026-06-12T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54892
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45235

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256
reference_id	1061256
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256

reference_url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/

url

http://www.openwall.com/lists/oss-security/2024/01/16/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2258700
reference_id	2258700
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2258700

reference_url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_id

GHSA-hc6x-cw6p-gj7h

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/

url

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h

reference_url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_id

ntap-20240307-0011

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/

url

https://security.netapp.com/advisory/ntap-20240307-0011/

reference_url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_id

PixieFail-Proof-Of-Concepts.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/

url

http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html

reference_url	https://access.redhat.com/errata/RHSA-2024:2264
reference_id	RHSA-2024:2264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2264

reference_url	https://access.redhat.com/errata/RHSA-2024:3017
reference_id	RHSA-2024:3017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3017

reference_url	https://access.redhat.com/errata/RHSA-2024:4419
reference_id	RHSA-2024:4419
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4419

reference_url	https://access.redhat.com/errata/RHSA-2024:6845
reference_id	RHSA-2024:6845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6845

reference_url	https://access.redhat.com/errata/RHSA-2024:6849
reference_id	RHSA-2024:6849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6849

reference_url	https://access.redhat.com/errata/RHSA-2024:6931
reference_id	RHSA-2024:6931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6931

reference_url	https://access.redhat.com/errata/RHSA-2024:8449
reference_id	RHSA-2024:8449
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8449

reference_url	https://access.redhat.com/errata/RHSA-2024:8455
reference_id	RHSA-2024:8455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8455

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_id

SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-6?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-45235

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uyhp-7jdw-x7c3

url VCID-uywe-ern1-eqfd

vulnerability_id VCID-uywe-ern1-eqfd

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-48733

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.03062
published_at	2026-06-12T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.0305
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-48733

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48733
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48733

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137

reference_id

2040137

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/

url

https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137

reference_url

https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139

reference_id

2040139

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/

url

https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139

reference_url

https://www.openwall.com/lists/oss-security/2024/02/14/4

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/

url

https://www.openwall.com/lists/oss-security/2024/02/14/4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-48733

reference_id

CVE-2023-48733

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/

url

https://nvd.nist.gov/vuln/detail/CVE-2023-48733

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00028.html

reference_id

msg00028.html

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00028.html

reference_url	https://usn.ubuntu.com/6638-1/
reference_id	USN-6638-1
reference_type
scores
url	https://usn.ubuntu.com/6638-1/

fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-7?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-7%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2023-48733

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uywe-ern1-eqfd

url VCID-vcc1-j571-eubz

vulnerability_id VCID-vcc1-j571-eubz

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14559.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14559.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14559

reference_id

reference_type

scores

value	0.00688
scoring_system	epss
scoring_elements	0.72218
published_at	2026-06-11T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.72301
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14559

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14559
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14559

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758601
reference_id	1758601
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758601

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952926
reference_id	952926
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952926

reference_url	https://access.redhat.com/errata/RHSA-2020:4805
reference_id	RHSA-2020:4805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4805

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14559

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vcc1-j571-eubz

url VCID-vgvn-bvfg-g3fu

vulnerability_id VCID-vgvn-bvfg-g3fu

summary Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-4859

reference_id

reference_type

scores

value	0.00056
scoring_system	epss
scoring_elements	0.17744
published_at	2026-06-11T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17903
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-4859

fixed_packages

url	pkg:deb/debian/edk2@0?distro=trixie
purl	pkg:deb/debian/edk2@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2014-4859

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgvn-bvfg-g3fu

url VCID-wu8f-zx48-dbf3

vulnerability_id VCID-wu8f-zx48-dbf3

summary Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-4860

reference_id

reference_type

scores

value	0.00042
scoring_system	epss
scoring_elements	0.13139
published_at	2026-06-11T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13237
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-4860

fixed_packages

url	pkg:deb/debian/edk2@0?distro=trixie
purl	pkg:deb/debian/edk2@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2014-4860

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wu8f-zx48-dbf3

url VCID-yjrq-8qp2-mkbk

vulnerability_id VCID-yjrq-8qp2-mkbk

summary Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12182.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12182.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12182

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26303
published_at	2026-06-11T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26504
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12182

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1694081
reference_id	1694081
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1694081

reference_url	https://usn.ubuntu.com/6920-1/
reference_id	USN-6920-1
reference_type
scores
url	https://usn.ubuntu.com/6920-1/

fixed_packages

url	pkg:deb/debian/edk2@0?distro=trixie
purl	pkg:deb/debian/edk2@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-65n6-vsa9-73bq

vulnerability	VCID-7k27-cwba-33em

vulnerability	VCID-8yqn-3pca-dqdq

vulnerability	VCID-ged6-dpmk-dbd5

vulnerability	VCID-jv1m-wgs7-8ubs

vulnerability	VCID-nd65-8cs1-akdd

vulnerability	VCID-q2wg-vfs5-93bd

vulnerability	VCID-sakv-myv8-2yfs

vulnerability	VCID-x9v2-b2pw-y3ez

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ged6-dpmk-dbd5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2018-12182

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjrq-8qp2-mkbk

Risk_score 3.8

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

Package Instance