VulnerableCode Package Details - pkg:rpm/redhat/ovmf@20180508-6.gitee3198e672e2?arch=el7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/ovmf@20180508-6.gitee3198e672e2?arch=el7

Essentials
History (10)

purl	pkg:rpm/redhat/ovmf@20180508-6.gitee3198e672e2?arch=el7

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	8.6

Vulnerabilities affecting this package (10)

Vulnerability	Summary	Fixed by
VCID-7k66-95dh-33eu Aliases: CVE-2017-5732	edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c	There are no reported fixed by versions.
VCID-bprw-tev2-p7be Aliases: CVE-2017-5733	edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function	There are no reported fixed by versions.
VCID-cxt8-a2gb-ubaj Aliases: CVE-2017-5735	edk2: Privilege escalation via heap-based buffer overflow in Decode() function	There are no reported fixed by versions.
VCID-dst7-q1b4-63ft Aliases: CVE-2018-12181	edk2: Stack buffer overflow with corrupted BMP	There are no reported fixed by versions.
VCID-q448-gmmp-pkaa Aliases: CVE-2019-0161	edk2: stack overflow in XHCI causing denial of service	There are no reported fixed by versions.
VCID-rmtn-3fr5-s7ef Aliases: CVE-2017-5731	edk2: Privilege escalation via processing of malformed files in TianoCompress.c	There are no reported fixed by versions.
VCID-s69t-vde7-1fem Aliases: CVE-2019-0160	edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media	There are no reported fixed by versions.
VCID-um36-tnsf-s7dn Aliases: CVE-2017-5734	edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function	There are no reported fixed by versions.
VCID-xauk-31cb-6fgh Aliases: CVE-2018-3613	edk2: Logic error in MdeModulePkg in EDK II firmware allows for privilege escalation by authenticated users	There are no reported fixed by versions.
VCID-z3fb-nqcp-g3fq Aliases: CVE-2018-5407	Multiple Information Disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:24:30.792685+00:00	RedHat Importer	Affected by	VCID-q448-gmmp-pkaa	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0161.json	38.0.0
2026-04-01T14:22:01.136245+00:00	RedHat Importer	Affected by	VCID-cxt8-a2gb-ubaj	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5735.json	38.0.0
2026-04-01T14:22:01.108047+00:00	RedHat Importer	Affected by	VCID-um36-tnsf-s7dn	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5734.json	38.0.0
2026-04-01T14:22:01.080844+00:00	RedHat Importer	Affected by	VCID-bprw-tev2-p7be	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5733.json	38.0.0
2026-04-01T14:22:01.052692+00:00	RedHat Importer	Affected by	VCID-7k66-95dh-33eu	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5732.json	38.0.0
2026-04-01T14:22:01.024748+00:00	RedHat Importer	Affected by	VCID-rmtn-3fr5-s7ef	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5731.json	38.0.0
2026-04-01T14:22:00.995975+00:00	RedHat Importer	Affected by	VCID-xauk-31cb-6fgh	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3613.json	38.0.0
2026-04-01T14:21:45.478228+00:00	RedHat Importer	Affected by	VCID-z3fb-nqcp-g3fq	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5407.json	38.0.0
2026-04-01T14:20:53.605148+00:00	RedHat Importer	Affected by	VCID-s69t-vde7-1fem	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0160.json	38.0.0
2026-04-01T14:20:49.242096+00:00	RedHat Importer	Affected by	VCID-dst7-q1b4-63ft	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12181.json	38.0.0