Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-k7n3-f3ej-tqa9

Summary edk2: edk2: UEFI Shell access in Secure Boot environments allows bypass of Secure Boot constraints

Aliases

alias	CVE-2025-2486

Fixed_packages

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2

purl pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2atx-ce9g-tbds

vulnerability	VCID-2nzx-2ymt-kuhv

vulnerability	VCID-5czu-f7hq-v3bf

vulnerability	VCID-9j1j-68kv-ufhn

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-fxxz-zj2j-1qdz

vulnerability	VCID-h4uc-8m6s-ffhy

vulnerability	VCID-ha36-4zhr-mfcu

vulnerability	VCID-hme1-vqbr-qydz

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-nqk5-vmve-d3cq

vulnerability	VCID-pf73-medx-quet

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-r575-k7j8-hbfy

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-u9mt-wbe7-yfb6

vulnerability	VCID-v17c-bytr-6qe4

vulnerability	VCID-vzd4-6nza-4bgx

vulnerability	VCID-w7z8-86tz-87eb

vulnerability	VCID-x5x7-rwjh-wbb7

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2

url	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/edk2@2023.11-7?distro=trixie
purl	pkg:deb/debian/edk2@2023.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-7%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/edk2@2025.02-9?distro=trixie

purl pkg:deb/debian/edk2@2025.02-9?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zd64-tjtu-sua3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-4?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie

url	pkg:deb/debian/edk2@2025.11-5?distro=trixie
purl	pkg:deb/debian/edk2@2025.11-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/edk2@0~20131112.2590861a-3

purl pkg:deb/debian/edk2@0~20131112.2590861a-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12pz-n6cq-3kg9

vulnerability	VCID-2atx-ce9g-tbds

vulnerability	VCID-2nzx-2ymt-kuhv

vulnerability	VCID-5czu-f7hq-v3bf

vulnerability	VCID-7snr-xbcq-n7bn

vulnerability	VCID-8u8r-kpy1-sua4

vulnerability	VCID-9j1j-68kv-ufhn

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-bev8-5pts-ryh5

vulnerability	VCID-bfkk-ttfx-u3bb

vulnerability	VCID-ckyc-4ewv-dyhx

vulnerability	VCID-cqwr-6xc1-z7dy

vulnerability	VCID-dst7-q1b4-63ft

vulnerability	VCID-fjff-f33s-5yen

vulnerability	VCID-fxxz-zj2j-1qdz

vulnerability	VCID-h4uc-8m6s-ffhy

vulnerability	VCID-ha36-4zhr-mfcu

vulnerability	VCID-hme1-vqbr-qydz

vulnerability	VCID-jru9-qcjy-93d1

vulnerability	VCID-k7n3-f3ej-tqa9

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mfbp-ej43-hbh5

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-mgbq-zh3v-uudp

vulnerability	VCID-nqk5-vmve-d3cq

vulnerability	VCID-pf73-medx-quet

vulnerability	VCID-q448-gmmp-pkaa

vulnerability	VCID-q4pf-fuwv-d3e3

vulnerability	VCID-qbgw-q6yb-g7d3

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-r575-k7j8-hbfy

vulnerability	VCID-s1qw-sn4h-xyfe

vulnerability	VCID-s69t-vde7-1fem

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-u9mt-wbe7-yfb6

vulnerability	VCID-v17c-bytr-6qe4

vulnerability	VCID-vzd4-6nza-4bgx

vulnerability	VCID-w1dc-2k92-u7ha

vulnerability	VCID-w7z8-86tz-87eb

vulnerability	VCID-x5x7-rwjh-wbb7

vulnerability	VCID-xb4u-976f-efdb

vulnerability	VCID-xbzy-jfjd-j3ew

vulnerability	VCID-yyqe-rr6t-c3hd

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20131112.2590861a-3

url pkg:deb/debian/edk2@0~20161202.7bbe0b3e-1%2Bdeb9u1

purl pkg:deb/debian/edk2@0~20161202.7bbe0b3e-1%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12pz-n6cq-3kg9

vulnerability	VCID-2atx-ce9g-tbds

vulnerability	VCID-2nzx-2ymt-kuhv

vulnerability	VCID-5czu-f7hq-v3bf

vulnerability	VCID-7snr-xbcq-n7bn

vulnerability	VCID-8u8r-kpy1-sua4

vulnerability	VCID-9j1j-68kv-ufhn

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-bev8-5pts-ryh5

vulnerability	VCID-bfkk-ttfx-u3bb

vulnerability	VCID-ckyc-4ewv-dyhx

vulnerability	VCID-cqwr-6xc1-z7dy

vulnerability	VCID-dst7-q1b4-63ft

vulnerability	VCID-fjff-f33s-5yen

vulnerability	VCID-fxxz-zj2j-1qdz

vulnerability	VCID-h4uc-8m6s-ffhy

vulnerability	VCID-ha36-4zhr-mfcu

vulnerability	VCID-hme1-vqbr-qydz

vulnerability	VCID-jru9-qcjy-93d1

vulnerability	VCID-k7n3-f3ej-tqa9

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mfbp-ej43-hbh5

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-mgbq-zh3v-uudp

vulnerability	VCID-nqk5-vmve-d3cq

vulnerability	VCID-pf73-medx-quet

vulnerability	VCID-q448-gmmp-pkaa

vulnerability	VCID-q4pf-fuwv-d3e3

vulnerability	VCID-qbgw-q6yb-g7d3

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-r575-k7j8-hbfy

vulnerability	VCID-s1qw-sn4h-xyfe

vulnerability	VCID-s69t-vde7-1fem

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-u9mt-wbe7-yfb6

vulnerability	VCID-v17c-bytr-6qe4

vulnerability	VCID-vzd4-6nza-4bgx

vulnerability	VCID-w1dc-2k92-u7ha

vulnerability	VCID-w7z8-86tz-87eb

vulnerability	VCID-x5x7-rwjh-wbb7

vulnerability	VCID-xb4u-976f-efdb

vulnerability	VCID-xbzy-jfjd-j3ew

vulnerability	VCID-yyqe-rr6t-c3hd

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20161202.7bbe0b3e-1%252Bdeb9u1

url pkg:deb/debian/edk2@0~20181115.85588389-3%2Bdeb10u3

purl pkg:deb/debian/edk2@0~20181115.85588389-3%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-12pz-n6cq-3kg9

vulnerability	VCID-2atx-ce9g-tbds

vulnerability	VCID-2nzx-2ymt-kuhv

vulnerability	VCID-5czu-f7hq-v3bf

vulnerability	VCID-7snr-xbcq-n7bn

vulnerability	VCID-8u8r-kpy1-sua4

vulnerability	VCID-9j1j-68kv-ufhn

vulnerability	VCID-b7a9-w2fs-dbh7

vulnerability	VCID-bev8-5pts-ryh5

vulnerability	VCID-bfkk-ttfx-u3bb

vulnerability	VCID-ckyc-4ewv-dyhx

vulnerability	VCID-fjff-f33s-5yen

vulnerability	VCID-fxxz-zj2j-1qdz

vulnerability	VCID-h4uc-8m6s-ffhy

vulnerability	VCID-ha36-4zhr-mfcu

vulnerability	VCID-hme1-vqbr-qydz

vulnerability	VCID-jru9-qcjy-93d1

vulnerability	VCID-k7n3-f3ej-tqa9

vulnerability	VCID-k7zd-s9nc-r3hb

vulnerability	VCID-mfbp-ej43-hbh5

vulnerability	VCID-mg21-k76s-sqfp

vulnerability	VCID-mgbq-zh3v-uudp

vulnerability	VCID-nqk5-vmve-d3cq

vulnerability	VCID-pf73-medx-quet

vulnerability	VCID-qbgw-q6yb-g7d3

vulnerability	VCID-quq1-8rke-c3gf

vulnerability	VCID-r48c-b4df-ffhx

vulnerability	VCID-r575-k7j8-hbfy

vulnerability	VCID-sd4b-3g4z-mubq

vulnerability	VCID-u9mt-wbe7-yfb6

vulnerability	VCID-v17c-bytr-6qe4

vulnerability	VCID-vzd4-6nza-4bgx

vulnerability	VCID-w1dc-2k92-u7ha

vulnerability	VCID-w7z8-86tz-87eb

vulnerability	VCID-x5x7-rwjh-wbb7

vulnerability	VCID-xb4u-976f-efdb

vulnerability	VCID-xbzy-jfjd-j3ew

vulnerability	VCID-yyqe-rr6t-c3hd

vulnerability	VCID-z1gk-5f8t-tqau

vulnerability	VCID-zd64-tjtu-sua3

vulnerability	VCID-zwx2-8yhh-7yef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-3%252Bdeb10u3

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2486.json

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2486.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-2486

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.06721
published_at	2026-04-02T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06779
published_at	2026-04-16T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06842
published_at	2026-04-12T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06836
published_at	2026-04-13T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06768
published_at	2026-04-04T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06754
published_at	2026-04-07T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06806
published_at	2026-04-08T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06845
published_at	2026-04-09T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06848
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-2486

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2486
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2486

reference_url

https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2101797

reference_id

2101797

reference_type

scores

value	3.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:U

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T18:25:19Z/

url

https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2101797

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2417316
reference_id	2417316
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2417316

Weaknesses

cwe_id	489
name	Active Debug Code
description	The product is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.

Exploits

Severity_range_score 3.6 - 3.7

Exploitability 0.5

Weighted_severity 3.2

Risk_score 1.6

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k7n3-f3ej-tqa9

Vulnerability Instance