Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-stpq-vk6v-k3g4

Summary Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase.

Aliases

alias	CVE-2014-4860

Fixed_packages

url	pkg:deb/debian/edk2@0?distro=trixie
purl	pkg:deb/debian/edk2@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-4860

reference_id

reference_type

scores

value	0.00037
scoring_system	epss
scoring_elements	0.11025
published_at	2026-04-01T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11155
published_at	2026-04-02T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11218
published_at	2026-04-04T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11035
published_at	2026-04-07T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11114
published_at	2026-04-08T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.1117
published_at	2026-04-09T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11174
published_at	2026-04-11T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11142
published_at	2026-04-12T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11119
published_at	2026-04-13T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.10984
published_at	2026-04-16T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.10998
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-4860

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-stpq-vk6v-k3g4

Vulnerability Instance