Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie

Type deb

Namespace debian

Name edk2

Version 0~20200229.4c0f6e34-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0

Latest_non_vulnerable_version 2025.11-5

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7snr-xbcq-n7bn

vulnerability_id VCID-7snr-xbcq-n7bn

summary edk2: double-unmap issue in SdMmcCreateTrb function in MdeModulePkg/Bus/Pci/SdMmcPciHcDxe/SdMmcPciHci.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14587.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14587.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14587

reference_id

reference_type

scores

value	0.00188
scoring_system	epss
scoring_elements	0.40546
published_at	2026-04-01T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40627
published_at	2026-04-08T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40655
published_at	2026-04-11T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40576
published_at	2026-04-07T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40637
published_at	2026-04-09T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40618
published_at	2026-04-12T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40599
published_at	2026-04-13T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40646
published_at	2026-04-16T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40615
published_at	2026-04-18T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40538
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14587

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1833352
reference_id	1833352
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1833352

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14587

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7snr-xbcq-n7bn

url VCID-bev8-5pts-ryh5

vulnerability_id VCID-bev8-5pts-ryh5

summary edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14563.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14563.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14563

reference_id

reference_type

scores

value	0.00054
scoring_system	epss
scoring_elements	0.16992
published_at	2026-04-01T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17163
published_at	2026-04-02T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17215
published_at	2026-04-04T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16996
published_at	2026-04-07T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17086
published_at	2026-04-08T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17143
published_at	2026-04-09T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17117
published_at	2026-04-11T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.1707
published_at	2026-04-12T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17009
published_at	2026-04-13T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16944
published_at	2026-04-16T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16945
published_at	2026-04-18T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16982
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14563

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14563
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14563

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758620
reference_id	1758620
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758620

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952934
reference_id	952934
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952934

reference_url	https://access.redhat.com/errata/RHSA-2020:1712
reference_id	RHSA-2020:1712
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1712

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14563

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bev8-5pts-ryh5

url VCID-ckyc-4ewv-dyhx

vulnerability_id VCID-ckyc-4ewv-dyhx

summary edk2: potential use-after-free due to the original configuration runtime memory is freed but it is still exposed to the OS runtime

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14586.json

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14586.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14586

reference_id

reference_type

scores

value	0.00135
scoring_system	epss
scoring_elements	0.33141
published_at	2026-04-01T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33271
published_at	2026-04-02T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33303
published_at	2026-04-04T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33136
published_at	2026-04-07T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33179
published_at	2026-04-08T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33213
published_at	2026-04-09T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33215
published_at	2026-04-11T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33176
published_at	2026-04-12T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33153
published_at	2026-04-13T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33193
published_at	2026-04-16T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33171
published_at	2026-04-18T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33133
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14586

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14586
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14586

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1833340
reference_id	1833340
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1833340

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14586

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ckyc-4ewv-dyhx

url VCID-fjff-f33s-5yen

vulnerability_id VCID-fjff-f33s-5yen

summary edk2: DxeImageVerificationHandler() fails open in case of dbx signature check

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14575.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14575.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14575

reference_id

reference_type

scores

value	0.00061
scoring_system	epss
scoring_elements	0.19102
published_at	2026-04-01T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19237
published_at	2026-04-02T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19288
published_at	2026-04-04T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19005
published_at	2026-04-07T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19085
published_at	2026-04-08T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19138
published_at	2026-04-09T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19145
published_at	2026-04-11T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19098
published_at	2026-04-12T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19045
published_at	2026-04-13T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19002
published_at	2026-04-16T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19014
published_at	2026-04-18T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19022
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14575

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1736862
reference_id	1736862
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1736862

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952935
reference_id	952935
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952935

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14575

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fjff-f33s-5yen

url VCID-mfbp-ej43-hbh5

vulnerability_id VCID-mfbp-ej43-hbh5

summary edk2: potentially leaking of secret information due to uncleared memory

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14558.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14558.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14558

reference_id

reference_type

scores

value	0.0012
scoring_system	epss
scoring_elements	0.30963
published_at	2026-04-01T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.31089
published_at	2026-04-02T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.31135
published_at	2026-04-04T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.30951
published_at	2026-04-07T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.31008
published_at	2026-04-08T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.31037
published_at	2026-04-09T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.31044
published_at	2026-04-11T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.31
published_at	2026-04-12T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.30955
published_at	2026-04-13T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.30986
published_at	2026-04-16T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.30967
published_at	2026-04-18T12:55:00Z

value	0.0012
scoring_system	epss
scoring_elements	0.30932
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14558

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1833347
reference_id	1833347
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1833347

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14558

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mfbp-ej43-hbh5

url VCID-w1dc-2k92-u7ha

vulnerability_id VCID-w1dc-2k92-u7ha

summary edk2: memory leak in ArpOnFrameRcvdDpc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14559.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14559.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14559

reference_id

reference_type

scores

value	0.00688
scoring_system	epss
scoring_elements	0.7168
published_at	2026-04-01T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71687
published_at	2026-04-02T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71705
published_at	2026-04-04T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71679
published_at	2026-04-07T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71717
published_at	2026-04-08T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71729
published_at	2026-04-09T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71753
published_at	2026-04-11T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71736
published_at	2026-04-12T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71719
published_at	2026-04-13T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71762
published_at	2026-04-16T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.71768
published_at	2026-04-18T12:55:00Z

value	0.00688
scoring_system	epss
scoring_elements	0.7175
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14559

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14559
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14559

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758601
reference_id	1758601
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758601

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952926
reference_id	952926
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952926

reference_url	https://access.redhat.com/errata/RHSA-2020:4805
reference_id	RHSA-2020:4805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4805

reference_url	https://usn.ubuntu.com/4349-1/
reference_id	USN-4349-1
reference_type
scores
url	https://usn.ubuntu.com/4349-1/

fixed_packages

url	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
purl	pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

aliases CVE-2019-14559

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w1dc-2k92-u7ha

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie

Package Instance