{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","type":"deb","namespace":"debian","name":"edk2","version":"2025.02-9","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2025.11-1","latest_non_vulnerable_version":"2025.11-5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66065?format=json","vulnerability_id":"VCID-zd64-tjtu-sua3","summary":"EDK2: EDK2: Information Disclosure and Privilege Escalation via Local BIOS Access","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38798.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38798","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0725","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07226","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07271","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07305","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07331","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09911","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0989","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09948","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38798"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122288","reference_id":"1122288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122288"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420643","reference_id":"2420643","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420643"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-q2c6-37h5-7cwf","reference_id":"GHSA-q2c6-37h5-7cwf","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-09T15:14:01Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-q2c6-37h5-7cwf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/922028?format=json","purl":"pkg:deb/debian/edk2@2025.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2024-38798"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zd64-tjtu-sua3"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80779?format=json","vulnerability_id":"VCID-12pz-n6cq-3kg9","summary":"edk2: unlimited FV recursion, round 2","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28210.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28210.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28210","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30681","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30683","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30773","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30729","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30813","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3086","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30679","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30738","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3077","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28210"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28210","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28210"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1883552","reference_id":"1883552","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1883552"},{"reference_url":"https://security.archlinux.org/AVG-1697","reference_id":"AVG-1697","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4198","reference_id":"RHSA-2021:4198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4198"},{"reference_url":"https://usn.ubuntu.com/4923-1/","reference_id":"USN-4923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4923-1/"},{"reference_url":"https://usn.ubuntu.com/7060-1/","reference_id":"USN-7060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583000?format=json","purl":"pkg:deb/debian/edk2@2020.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2021-28210"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-12pz-n6cq-3kg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75405?format=json","vulnerability_id":"VCID-2atx-ce9g-tbds","summary":"edk2: Temporary DoS vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1298.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1298.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1298","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09411","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09355","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09406","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09317","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09391","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09438","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09452","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09426","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1298"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1298"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284243","reference_id":"2284243","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2284243"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7NUL7NSZQ76A5OKDUCODQNY7WSX4SST/","reference_id":"F7NUL7NSZQ76A5OKDUCODQNY7WSX4SST","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-13T14:21:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7NUL7NSZQ76A5OKDUCODQNY7WSX4SST/"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53","reference_id":"GHSA-chfw-xj8f-6m53","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-13T14:21:54Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4747","reference_id":"RHSA-2024:4747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5297","reference_id":"RHSA-2024:5297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5623","reference_id":"RHSA-2024:5623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9088","reference_id":"RHSA-2024:9088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9088"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIMEZWDKEIQKU7NMHKL57DOCITPGEXYN/","reference_id":"VIMEZWDKEIQKU7NMHKL57DOCITPGEXYN","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-13T14:21:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIMEZWDKEIQKU7NMHKL57DOCITPGEXYN/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586289?format=json","purl":"pkg:deb/debian/edk2@2024.05-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2024.05-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2024-1298"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2atx-ce9g-tbds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80236?format=json","vulnerability_id":"VCID-2nzx-2ymt-kuhv","summary":"edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38575.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38575.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38575","reference_id":"","reference_type":"","scores":[{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67211","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67286","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67335","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67322","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67248","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67272","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.6725","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67301","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67315","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38575"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956284","reference_id":"1956284","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956284"},{"reference_url":"https://security.archlinux.org/AVG-2382","reference_id":"AVG-2382","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3066","reference_id":"RHSA-2021:3066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3172","reference_id":"RHSA-2021:3172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3235","reference_id":"RHSA-2021:3235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3369","reference_id":"RHSA-2021:3369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3369"},{"reference_url":"https://usn.ubuntu.com/5088-1/","reference_id":"USN-5088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5088-1/"},{"reference_url":"https://usn.ubuntu.com/7060-1/","reference_id":"USN-7060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586067?format=json","purl":"pkg:deb/debian/edk2@2021.08-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2021.08-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2021-38575"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2nzx-2ymt-kuhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77807?format=json","vulnerability_id":"VCID-5czu-f7hq-v3bf","summary":"edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45229.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45229.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45229","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32942","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33063","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33096","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32925","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32972","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33005","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32967","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45229"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256","reference_id":"1061256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:42Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258677","reference_id":"2258677","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258677"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:42Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html","reference_id":"PixieFail-Proof-Of-Concepts.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:42Z/"}],"url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2264","reference_id":"RHSA-2024:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3017","reference_id":"RHSA-2024:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4419","reference_id":"RHSA-2024:4419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4419"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583211?format=json","purl":"pkg:deb/debian/edk2@2023.11-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45229"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5czu-f7hq-v3bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/149401?format=json","vulnerability_id":"VCID-6xr7-4aq5-rye5","summary":"Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4859","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11803","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11919","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11966","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11755","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11838","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11889","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.119","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11862","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11834","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4859"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585972?format=json","purl":"pkg:deb/debian/edk2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2014-4859"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xr7-4aq5-rye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81589?format=json","vulnerability_id":"VCID-7snr-xbcq-n7bn","summary":"edk2: double-unmap issue in SdMmcCreateTrb function in MdeModulePkg/Bus/Pci/SdMmcPciHcDxe/SdMmcPciHci.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14587.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14587","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40546","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40655","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40576","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40637","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40618","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40599","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1833352","reference_id":"1833352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1833352"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583266?format=json","purl":"pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14587"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7snr-xbcq-n7bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80778?format=json","vulnerability_id":"VCID-8u8r-kpy1-sua4","summary":"edk2: possible heap corruption with LzmaUefiDecompressGetInfo","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28211.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28211.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28211","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18742","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18695","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18791","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18745","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18878","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18653","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18733","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18786","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28211"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1883529","reference_id":"1883529","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1883529"},{"reference_url":"https://security.archlinux.org/AVG-1697","reference_id":"AVG-1697","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2591","reference_id":"RHSA-2021:2591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2591"},{"reference_url":"https://usn.ubuntu.com/4923-1/","reference_id":"USN-4923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4923-1/"},{"reference_url":"https://usn.ubuntu.com/7060-1/","reference_id":"USN-7060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583000?format=json","purl":"pkg:deb/debian/edk2@2020.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2021-28211"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8u8r-kpy1-sua4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77853?format=json","vulnerability_id":"VCID-9j1j-68kv-ufhn","summary":"EDK2: heap buffer overflow in Tcg2MeasureGptTable()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36763.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36763","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19037","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1885","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18811","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18891","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18943","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18949","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18902","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1909","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36763"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408","reference_id":"1060408","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257582","reference_id":"2257582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257582"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr","reference_id":"GHSA-xvv8-66cq-prwr","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T19:10:15Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2264","reference_id":"RHSA-2024:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3017","reference_id":"RHSA-2024:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3017"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T19:10:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583129?format=json","purl":"pkg:deb/debian/edk2@2023.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2022-36763"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9j1j-68kv-ufhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70449?format=json","vulnerability_id":"VCID-b7a9-w2fs-dbh7","summary":"edk2: Out-of-bounds Read in EDK2","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38797.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38797","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27002","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.271","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27103","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27059","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27157","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27194","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26986","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27054","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38797"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102519","reference_id":"1102519","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102519"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2358006","reference_id":"2358006","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2358006"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-4wjw-6xmf-44xf","reference_id":"GHSA-4wjw-6xmf-44xf","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T14:20:28Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-4wjw-6xmf-44xf"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/922027?format=json","purl":"pkg:deb/debian/edk2@2025.02-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2024-38797"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b7a9-w2fs-dbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81605?format=json","vulnerability_id":"VCID-bev8-5pts-ryh5","summary":"edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14563.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14563.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14563","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16992","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17163","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17215","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17086","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17143","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17117","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1707","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17009","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14563"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14563","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14563"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1758620","reference_id":"1758620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1758620"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952934","reference_id":"952934","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1712","reference_id":"RHSA-2020:1712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1712"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583266?format=json","purl":"pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14563"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bev8-5pts-ryh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80224?format=json","vulnerability_id":"VCID-bfkk-ttfx-u3bb","summary":"edk2: encrypted private key in the IpSecDxe.efi present potential security risks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28213.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28213.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28213","reference_id":"","reference_type":"","scores":[{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.5037","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50425","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50454","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50461","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50455","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50496","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50473","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50458","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28213"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1971724","reference_id":"1971724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1971724"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989988","reference_id":"989988","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989988"},{"reference_url":"https://security.archlinux.org/AVG-2070","reference_id":"AVG-2070","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2070"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585454?format=json","purl":"pkg:deb/debian/edk2@0~20190606.20d2e5a1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20190606.20d2e5a1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2021-28213"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bfkk-ttfx-u3bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81587?format=json","vulnerability_id":"VCID-ckyc-4ewv-dyhx","summary":"edk2: potential use-after-free due to the original configuration runtime memory is freed but it is still exposed to the OS runtime","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14586.json","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14586.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14586","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33141","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33271","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33303","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33136","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33179","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33213","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33215","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33176","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33153","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14586"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1833340","reference_id":"1833340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1833340"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583266?format=json","purl":"pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14586"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ckyc-4ewv-dyhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82760?format=json","vulnerability_id":"VCID-cqwr-6xc1-z7dy","summary":"edk2: Buffer Overflow in BlockIo service for RAM disk","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12180.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12180","reference_id":"","reference_type":"","scores":[{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.799","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.79948","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.79953","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.79973","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.79957","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.79907","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.79928","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.79916","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.79945","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12180"},{"reference_url":"https://edk2-docs.gitbooks.io/security-advisory/content/buffer-overflow-in-blockio-service-for-ram-disk.html","reference_id":"","reference_type":"","scores":[],"url":"https://edk2-docs.gitbooks.io/security-advisory/content/buffer-overflow-in-blockio-service-for-ram-disk.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683372","reference_id":"1683372","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683372"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615","reference_id":"924615","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12180","reference_id":"CVE-2018-12180","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0809","reference_id":"RHSA-2019:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0968","reference_id":"RHSA-2019:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1116","reference_id":"RHSA-2019:1116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1116"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585552?format=json","purl":"pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2018-12180"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cqwr-6xc1-z7dy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82738?format=json","vulnerability_id":"VCID-dst7-q1b4-63ft","summary":"edk2: Stack buffer overflow with corrupted BMP","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12181.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12181.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12181","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33774","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3401","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34078","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34076","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34033","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34112","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34144","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34046","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12181"},{"reference_url":"https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html","reference_id":"","reference_type":"","scores":[],"url":"https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1686783","reference_id":"1686783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1686783"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615","reference_id":"924615","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12181","reference_id":"CVE-2018-12181","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:P/A:P"},{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2125","reference_id":"RHSA-2019:2125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3338","reference_id":"RHSA-2019:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3338"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585552?format=json","purl":"pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2018-12181"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dst7-q1b4-63ft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81603?format=json","vulnerability_id":"VCID-fjff-f33s-5yen","summary":"edk2: DxeImageVerificationHandler() fails open in case of dbx signature check","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14575.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14575.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14575","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19102","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19237","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19288","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19005","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19138","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19145","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19098","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19045","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14575"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1736862","reference_id":"1736862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1736862"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952935","reference_id":"952935","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952935"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583266?format=json","purl":"pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14575"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fjff-f33s-5yen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77811?format=json","vulnerability_id":"VCID-fxxz-zj2j-1qdz","summary":"edk2: Infinite loop when parsing a PadN option in the Destination Options header","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45233.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45233","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65191","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65199","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65258","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65271","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65253","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65241","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65225","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256","reference_id":"1061256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258694","reference_id":"2258694","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258694"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html","reference_id":"PixieFail-Proof-Of-Concepts.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/"}],"url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2264","reference_id":"RHSA-2024:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3017","reference_id":"RHSA-2024:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8104","reference_id":"RHSA-2024:8104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8104"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583211?format=json","purl":"pkg:deb/debian/edk2@2023.11-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45233"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxxz-zj2j-1qdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77810?format=json","vulnerability_id":"VCID-h4uc-8m6s-ffhy","summary":"edk2: Infinite loop when parsing unknown options in the Destination Options header","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45232.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45232.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45232","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65199","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65225","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65191","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65241","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65253","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65271","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65258","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45232"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256","reference_id":"1061256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258691","reference_id":"2258691","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258691"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html","reference_id":"PixieFail-Proof-Of-Concepts.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/"}],"url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2264","reference_id":"RHSA-2024:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3017","reference_id":"RHSA-2024:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8104","reference_id":"RHSA-2024:8104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8104"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583211?format=json","purl":"pkg:deb/debian/edk2@2023.11-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45232"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4uc-8m6s-ffhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77812?format=json","vulnerability_id":"VCID-ha36-4zhr-mfcu","summary":"edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45234.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45234.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45234","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53871","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53859","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53857","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53905","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53887","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45234"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45234","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45234"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256","reference_id":"1061256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258697","reference_id":"2258697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258697"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html","reference_id":"PixieFail-Proof-Of-Concepts.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/"}],"url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1063","reference_id":"RHSA-2024:1063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1075","reference_id":"RHSA-2024:1075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1076","reference_id":"RHSA-2024:1076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1077","reference_id":"RHSA-2024:1077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1305","reference_id":"RHSA-2024:1305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1415","reference_id":"RHSA-2024:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1722","reference_id":"RHSA-2024:1722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3497","reference_id":"RHSA-2024:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3497"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T20:09:26Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583211?format=json","purl":"pkg:deb/debian/edk2@2023.11-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45234"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ha36-4zhr-mfcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77855?format=json","vulnerability_id":"VCID-hme1-vqbr-qydz","summary":"EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36765.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36765","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1208","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12006","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12012","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12064","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12033","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12125","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36765"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408","reference_id":"1060408","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257584","reference_id":"2257584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257584"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx","reference_id":"GHSA-ch4w-v7m3-g8wx","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:56:33Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3017","reference_id":"RHSA-2024:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4749","reference_id":"RHSA-2024:4749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4749"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:56:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583129?format=json","purl":"pkg:deb/debian/edk2@2023.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2022-36765"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hme1-vqbr-qydz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82051?format=json","vulnerability_id":"VCID-jru9-qcjy-93d1","summary":"edk2: DxeImageVerificationHandler integer overflow leads to endless loop","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14562.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14562.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14562","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13536","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13636","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13697","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13497","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13578","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13601","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13564","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13516","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14562"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869245","reference_id":"1869245","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869245"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968819","reference_id":"968819","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968819"},{"reference_url":"https://usn.ubuntu.com/4684-1/","reference_id":"USN-4684-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4684-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584390?format=json","purl":"pkg:deb/debian/edk2@2020.05-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.05-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14562"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jru9-qcjy-93d1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66428?format=json","vulnerability_id":"VCID-k7n3-f3ej-tqa9","summary":"edk2: edk2: UEFI Shell access in Secure Boot environments allows bypass of Secure Boot constraints","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2486.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2486.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2486","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06721","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06836","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06848","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06842","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06768","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06754","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06806","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06845","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2486"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2486","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2486"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2101797","reference_id":"2101797","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-26T18:25:19Z/"}],"url":"https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2101797"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2417316","reference_id":"2417316","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2417316"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586223?format=json","purl":"pkg:deb/debian/edk2@2023.11-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2025-2486"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k7n3-f3ej-tqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96666?format=json","vulnerability_id":"VCID-k7zd-s9nc-r3hb","summary":"EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3770","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06039","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05863","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05966","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05948","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06048","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05896","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05889","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05928","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3770"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110533","reference_id":"1110533","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110533"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-vx5v-4gg6-6qxr","reference_id":"GHSA-vx5v-4gg6-6qxr","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:28:05Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-vx5v-4gg6-6qxr"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2025-3770"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k7zd-s9nc-r3hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81588?format=json","vulnerability_id":"VCID-mfbp-ej43-hbh5","summary":"edk2: potentially leaking of secret information due to uncleared memory","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14558.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14558","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30963","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.31089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.31135","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30951","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.31008","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.31037","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.31044","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.31","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30955","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14558","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14558"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1833347","reference_id":"1833347","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1833347"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583266?format=json","purl":"pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14558"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfbp-ej43-hbh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72021?format=json","vulnerability_id":"VCID-mg21-k76s-sqfp","summary":"openssl: Timing side-channel in ECDSA signature computation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13176.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13176.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-13176","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22223","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22339","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22384","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22169","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22252","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22325","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22283","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-13176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13176"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844","reference_id":"07272b05b04836a762b4baa874958af51d513844","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/"}],"url":"https://github.com/openssl/openssl/commit/07272b05b04836a762b4baa874958af51d513844"},{"reference_url":"https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded","reference_id":"0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/"}],"url":"https://github.openssl.org/openssl/extended-releases/commit/0d5fd1ab987f7571e2c955d8d8b638fc0fb54ded"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027","reference_id":"1094027","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027"},{"reference_url":"https://openssl-library.org/news/secadv/20250120.txt","reference_id":"20250120.txt","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/"}],"url":"https://openssl-library.org/news/secadv/20250120.txt"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338999","reference_id":"2338999","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338999"},{"reference_url":"https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467","reference_id":"2af62e74fb59bc469506bc37eb2990ea408d9467","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/"}],"url":"https://github.com/openssl/openssl/commit/2af62e74fb59bc469506bc37eb2990ea408d9467"},{"reference_url":"https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902","reference_id":"392dcb336405a0c94486aa6655057f59fd3a0902","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/"}],"url":"https://github.com/openssl/openssl/commit/392dcb336405a0c94486aa6655057f59fd3a0902"},{"reference_url":"https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65","reference_id":"4b1cb94a734a7d4ec363ac0a215a25c181e11f65","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/"}],"url":"https://github.com/openssl/openssl/commit/4b1cb94a734a7d4ec363ac0a215a25c181e11f65"},{"reference_url":"https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f","reference_id":"77c608f4c8857e63e98e66444e2e761c9627916f","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/"}],"url":"https://github.com/openssl/openssl/commit/77c608f4c8857e63e98e66444e2e761c9627916f"},{"reference_url":"https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86","reference_id":"a2639000db19878d5d89586ae7b725080592ae86","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T20:21:21Z/"}],"url":"https://github.openssl.org/openssl/extended-releases/commit/a2639000db19878d5d89586ae7b725080592ae86"},{"reference_url":"https://usn.ubuntu.com/7264-1/","reference_id":"USN-7264-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7264-1/"},{"reference_url":"https://usn.ubuntu.com/7278-1/","reference_id":"USN-7278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7278-1/"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2024-13176"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mg21-k76s-sqfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80852?format=json","vulnerability_id":"VCID-mgbq-zh3v-uudp","summary":"edk2: NULL pointer dereference in AuthenticodeVerify()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14584.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14584.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14584","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23933","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23911","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24011","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23968","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2406","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24098","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23881","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23948","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23995","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14584"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14584"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889486","reference_id":"1889486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889486"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977300","reference_id":"977300","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977300"},{"reference_url":"https://security.archlinux.org/AVG-1359","reference_id":"AVG-1359","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4198","reference_id":"RHSA-2021:4198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4198"},{"reference_url":"https://usn.ubuntu.com/4684-1/","reference_id":"USN-4684-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4684-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583000?format=json","purl":"pkg:deb/debian/edk2@2020.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14584"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mgbq-zh3v-uudp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94863?format=json","vulnerability_id":"VCID-nqk5-vmve-d3cq","summary":"A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38576","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48956","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4902","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.48973","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49027","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49023","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4904","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49013","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49019","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38576"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014468","reference_id":"1014468","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014468"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585832?format=json","purl":"pkg:deb/debian/edk2@2021.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2021.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2021-38576"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqk5-vmve-d3cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94697?format=json","vulnerability_id":"VCID-pf73-medx-quet","summary":"BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28216","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33417","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.3339","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33526","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33559","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.334","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33444","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33478","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33481","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.3344","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28216"},{"reference_url":"https://security.archlinux.org/AVG-2592","reference_id":"AVG-2592","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2592"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583759?format=json","purl":"pkg:deb/debian/edk2@2021.11~rc1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2021.11~rc1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2021-28216"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pf73-medx-quet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83411?format=json","vulnerability_id":"VCID-q448-gmmp-pkaa","summary":"edk2: stack overflow in XHCI causing denial of service","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00046.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00046.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0161.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0161","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13913","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13863","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13992","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13948","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13911","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13996","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14051","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13854","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13939","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0161"},{"reference_url":"https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html","reference_id":"","reference_type":"","scores":[],"url":"https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694065","reference_id":"1694065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694065"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0161","reference_id":"CVE-2019-0161","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2125","reference_id":"RHSA-2019:2125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2437","reference_id":"RHSA-2019:2437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3338","reference_id":"RHSA-2019:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3338"},{"reference_url":"https://usn.ubuntu.com/7060-1/","reference_id":"USN-7060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585572?format=json","purl":"pkg:deb/debian/edk2@0~20180803.dd4cae4d-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20180803.dd4cae4d-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-0161"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q448-gmmp-pkaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82759?format=json","vulnerability_id":"VCID-q4pf-fuwv-d3e3","summary":"edk2: improper DNS packet size check","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12178.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12178","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63463","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63598","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63566","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63583","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63522","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6355","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63514","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12178"},{"reference_url":"https://edk2-docs.gitbooks.io/security-advisory/content/dns-pack-size-check.html","reference_id":"","reference_type":"","scores":[],"url":"https://edk2-docs.gitbooks.io/security-advisory/content/dns-pack-size-check.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683326","reference_id":"1683326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683326"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615","reference_id":"924615","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924615"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12178","reference_id":"CVE-2018-12178","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12178"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585552?format=json","purl":"pkg:deb/debian/edk2@0~20181115.85588389-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2018-12178"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4pf-fuwv-d3e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82691?format=json","vulnerability_id":"VCID-qbgw-q6yb-g7d3","summary":"edk2: improper configuration insystem firmware leads to privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12179.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12179","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30613","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30618","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30662","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30749","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30797","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30614","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30672","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30704","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12179"},{"reference_url":"https://edk2-docs.gitbooks.io/security-advisory/content/opal-blocksid-setting-disabled-after-s3.html","reference_id":"","reference_type":"","scores":[],"url":"https://edk2-docs.gitbooks.io/security-advisory/content/opal-blocksid-setting-disabled-after-s3.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694072","reference_id":"1694072","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694072"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927484","reference_id":"927484","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927484"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12179","reference_id":"CVE-2018-12179","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12179"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585454?format=json","purl":"pkg:deb/debian/edk2@0~20190606.20d2e5a1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20190606.20d2e5a1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2018-12179"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbgw-q6yb-g7d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77815?format=json","vulnerability_id":"VCID-quq1-8rke-c3gf","summary":"edk2: Use of a Weak PseudoRandom Number Generator","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45237.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45237","reference_id":"","reference_type":"","scores":[{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59161","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59197","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59185","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59149","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59201","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59234","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59216","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45237"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063727","reference_id":"1063727","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063727"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T19:58:00Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258706","reference_id":"2258706","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258706"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T19:58:00Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T19:58:00Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4419","reference_id":"RHSA-2024:4419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4749","reference_id":"RHSA-2024:4749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5297","reference_id":"RHSA-2024:5297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5297"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586289?format=json","purl":"pkg:deb/debian/edk2@2024.05-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2024.05-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45237"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-quq1-8rke-c3gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96534?format=json","vulnerability_id":"VCID-r48c-b4df-ffhx","summary":"EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2295","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28992","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29043","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29112","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29164","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28974","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29038","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29081","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29086","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2295"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100594","reference_id":"1100594","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100594"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-8522-69fh-w74x","reference_id":"GHSA-8522-69fh-w74x","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-17T15:58:41Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-8522-69fh-w74x"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/922029?format=json","purl":"pkg:deb/debian/edk2@2025.02-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2025-2295"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r48c-b4df-ffhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79619?format=json","vulnerability_id":"VCID-r575-k7j8-hbfy","summary":"edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38578.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38578.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38578","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19857","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20005","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19833","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19791","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19871","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19925","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19934","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19891","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20064","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38578"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014468","reference_id":"1014468","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014468"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1960321","reference_id":"1960321","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1960321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2165","reference_id":"RHSA-2023:2165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2165"},{"reference_url":"https://www.insyde.com/security-pledge/SA-2023024","reference_id":"SA-2023024","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:13:33Z/"}],"url":"https://www.insyde.com/security-pledge/SA-2023024"},{"reference_url":"https://bugzilla.tianocore.org/show_bug.cgi?id=3387","reference_id":"show_bug.cgi?id=3387","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:13:33Z/"}],"url":"https://bugzilla.tianocore.org/show_bug.cgi?id=3387"},{"reference_url":"https://usn.ubuntu.com/7060-1/","reference_id":"USN-7060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584420?format=json","purl":"pkg:deb/debian/edk2@2022.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2021-38578"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r575-k7j8-hbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82683?format=json","vulnerability_id":"VCID-s1qw-sn4h-xyfe","summary":"edk2: stack overflow in DxeCore leads to privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12183.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12183","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2505","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24973","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25068","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25028","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25127","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25167","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24941","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25009","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25054","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12183"},{"reference_url":"https://edk2-docs.gitbooks.io/security-advisory/content/unlimited-fv-recursion.html","reference_id":"","reference_type":"","scores":[],"url":"https://edk2-docs.gitbooks.io/security-advisory/content/unlimited-fv-recursion.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us"},{"reference_url":"http://www.securityfocus.com/bid/107643","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107643"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694077","reference_id":"1694077","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694077"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12183","reference_id":"CVE-2018-12183","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12183"},{"reference_url":"https://usn.ubuntu.com/6920-1/","reference_id":"USN-6920-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6920-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584171?format=json","purl":"pkg:deb/debian/edk2@0~20181115.85588389-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2018-12183"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s1qw-sn4h-xyfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82762?format=json","vulnerability_id":"VCID-s69t-vde7-1fem","summary":"edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0160.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0160.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0160","reference_id":"","reference_type":"","scores":[{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51303","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51402","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51395","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51393","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51416","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51356","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51382","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51341","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0160"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html","reference_id":"","reference_type":"","scores":[],"url":"https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691640","reference_id":"1691640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691640"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0160","reference_id":"CVE-2019-0160","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"8.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2125","reference_id":"RHSA-2019:2125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3338","reference_id":"RHSA-2019:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3338"},{"reference_url":"https://usn.ubuntu.com/6920-1/","reference_id":"USN-6920-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6920-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584171?format=json","purl":"pkg:deb/debian/edk2@0~20181115.85588389-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20181115.85588389-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-0160"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s69t-vde7-1fem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66064?format=json","vulnerability_id":"VCID-sd4b-3g4z-mubq","summary":"edk2: EDK2: Improper Input Validation allows arbitrary command execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2296.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2296","reference_id":"","reference_type":"","scores":[{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.3982","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39764","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39843","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39819","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39833","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46285","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46294","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46313","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2296"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420637","reference_id":"2420637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2420637"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-6pp6-cm5h-86g5","reference_id":"GHSA-6pp6-cm5h-86g5","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-09T15:11:03Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-6pp6-cm5h-86g5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/922030?format=json","purl":"pkg:deb/debian/edk2@2025.02-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2025-2296"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sd4b-3g4z-mubq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/149402?format=json","vulnerability_id":"VCID-stpq-vk6v-k3g4","summary":"Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4860","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11025","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11155","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11218","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11114","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1117","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11174","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11142","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11119","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4860"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585972?format=json","purl":"pkg:deb/debian/edk2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2014-4860"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-stpq-vk6v-k3g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77808?format=json","vulnerability_id":"VCID-u9mt-wbe7-yfb6","summary":"edk2: Buffer overflow in the DHCPv6 client via a long Server ID option","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45230.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45230.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45230","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53871","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53859","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53857","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53905","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53887","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45230"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256","reference_id":"1061256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258685","reference_id":"2258685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258685"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html","reference_id":"PixieFail-Proof-Of-Concepts.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/"}],"url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1004","reference_id":"RHSA-2024:1004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1013","reference_id":"RHSA-2024:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1063","reference_id":"RHSA-2024:1063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1075","reference_id":"RHSA-2024:1075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1076","reference_id":"RHSA-2024:1076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1077","reference_id":"RHSA-2024:1077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1415","reference_id":"RHSA-2024:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3497","reference_id":"RHSA-2024:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3497"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:15:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583211?format=json","purl":"pkg:deb/debian/edk2@2023.11-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45230"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9mt-wbe7-yfb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77813?format=json","vulnerability_id":"VCID-v17c-bytr-6qe4","summary":"edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45235.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45235.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45235","reference_id":"","reference_type":"","scores":[{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60351","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60403","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60356","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60423","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60416","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.604","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60382","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45235"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45235"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256","reference_id":"1061256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258700","reference_id":"2258700","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258700"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html","reference_id":"PixieFail-Proof-Of-Concepts.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/"}],"url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2264","reference_id":"RHSA-2024:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3017","reference_id":"RHSA-2024:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4419","reference_id":"RHSA-2024:4419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6845","reference_id":"RHSA-2024:6845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6849","reference_id":"RHSA-2024:6849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6931","reference_id":"RHSA-2024:6931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8449","reference_id":"RHSA-2024:8449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8455","reference_id":"RHSA-2024:8455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8455"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-20T05:00:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583211?format=json","purl":"pkg:deb/debian/edk2@2023.11-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45235"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v17c-bytr-6qe4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73742?format=json","vulnerability_id":"VCID-vzd4-6nza-4bgx","summary":"edk2: Integer overflows in PeCoffLoaderRelocateImage","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38796.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38796.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38796","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20742","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2082","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20838","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20794","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20908","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20968","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20682","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20759","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38796"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084055","reference_id":"1084055","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315390","reference_id":"2315390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2315390"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-xpcr-7hjq-m6qm","reference_id":"GHSA-xpcr-7hjq-m6qm","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T13:57:08Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-xpcr-7hjq-m6qm"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10268","reference_id":"RHSA-2024:10268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10272","reference_id":"RHSA-2024:10272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11185","reference_id":"RHSA-2024:11185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11194","reference_id":"RHSA-2024:11194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11219","reference_id":"RHSA-2024:11219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9921","reference_id":"RHSA-2024:9921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9930","reference_id":"RHSA-2024:9930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9946","reference_id":"RHSA-2024:9946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9956","reference_id":"RHSA-2024:9956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9956"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586804?format=json","purl":"pkg:deb/debian/edk2@2024.08-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2024.08-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2024-38796"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vzd4-6nza-4bgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81604?format=json","vulnerability_id":"VCID-w1dc-2k92-u7ha","summary":"edk2: memory leak in ArpOnFrameRcvdDpc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14559.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14559.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14559","reference_id":"","reference_type":"","scores":[{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.7168","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.71687","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.71705","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.71679","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.71717","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.71729","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.71753","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.71736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.71719","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14559"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1758601","reference_id":"1758601","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1758601"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952926","reference_id":"952926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4805","reference_id":"RHSA-2020:4805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4805"},{"reference_url":"https://usn.ubuntu.com/4349-1/","reference_id":"USN-4349-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4349-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583266?format=json","purl":"pkg:deb/debian/edk2@0~20200229.4c0f6e34-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20200229.4c0f6e34-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14559"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w1dc-2k92-u7ha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77809?format=json","vulnerability_id":"VCID-w7z8-86tz-87eb","summary":"edk2: Out of Bounds read when handling a ND Redirect message with truncated options","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45231.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45231","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32942","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33063","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33096","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32925","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32972","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33005","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32967","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45231"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256","reference_id":"1061256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061256"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258688","reference_id":"2258688","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258688"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html","reference_id":"PixieFail-Proof-Of-Concepts.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/"}],"url":"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2264","reference_id":"RHSA-2024:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3017","reference_id":"RHSA-2024:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4419","reference_id":"RHSA-2024:4419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4419"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-30T18:59:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583211?format=json","purl":"pkg:deb/debian/edk2@2023.11-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45231"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7z8-86tz-87eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77854?format=json","vulnerability_id":"VCID-x5x7-rwjh-wbb7","summary":"EDK2: heap buffer overflow in Tcg2MeasurePeImage()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36764.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36764","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1208","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12006","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12012","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12064","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12033","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12125","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36764"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408","reference_id":"1060408","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060408"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257583","reference_id":"2257583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257583"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j","reference_id":"GHSA-4hcq-p8q8-hj8j","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-06T21:12:01Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2264","reference_id":"RHSA-2024:2264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3017","reference_id":"RHSA-2024:3017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3017"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/","reference_id":"SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-06T21:12:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583127?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583129?format=json","purl":"pkg:deb/debian/edk2@2023.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2022-36764"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5x7-rwjh-wbb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82556?format=json","vulnerability_id":"VCID-xb4u-976f-efdb","summary":"edk2: Insufficient input validation in MdeModulePkg may lead to privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11098.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11098.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11098","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17141","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17194","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16972","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17062","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17118","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17094","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16986","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11098"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2007434","reference_id":"2007434","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2007434"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991495","reference_id":"991495","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991495"},{"reference_url":"https://usn.ubuntu.com/5088-1/","reference_id":"USN-5088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5088-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584820?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584821?format=json","purl":"pkg:deb/debian/edk2@2020.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-11098"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xb4u-976f-efdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82044?format=json","vulnerability_id":"VCID-xbzy-jfjd-j3ew","summary":"edk2: invalid server certificate accepted in HTTPS-over-IPv6 boot","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14553.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14553.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14553","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29908","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29952","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.3","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29813","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29876","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29911","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29917","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29871","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29822","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14553"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1758518","reference_id":"1758518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1758518"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941775","reference_id":"941775","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941775"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584703?format=json","purl":"pkg:deb/debian/edk2@0~20190828.37eef910-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0~20190828.37eef910-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2019-14553"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xbzy-jfjd-j3ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95817?format=json","vulnerability_id":"VCID-yyqe-rr6t-c3hd","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48733","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03368","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03356","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03409","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03388","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03384","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03317","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0334","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48733"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137","reference_id":"2040137","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/"}],"url":"https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139","reference_id":"2040139","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/"}],"url":"https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/02/14/4","reference_id":"4","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/"}],"url":"https://www.openwall.com/lists/oss-security/2024/02/14/4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48733","reference_id":"CVE-2023-48733","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48733"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-15T16:17:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00028.html"},{"reference_url":"https://usn.ubuntu.com/6638-1/","reference_id":"USN-6638-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6638-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583128?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586223?format=json","purl":"pkg:deb/debian/edk2@2023.11-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2023.11-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-48733"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yyqe-rr6t-c3hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77814?format=json","vulnerability_id":"VCID-z1gk-5f8t-tqau","summary":"edk2: Predictable TCP Initial Sequence Numbers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45236.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45236.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45236","reference_id":"","reference_type":"","scores":[{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59161","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59197","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59185","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59149","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59201","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59234","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59216","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45236"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45236","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45236"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063726","reference_id":"1063726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063726"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/16/2","reference_id":"2","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:43:01Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/16/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258703","reference_id":"2258703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258703"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h","reference_id":"GHSA-hc6x-cw6p-gj7h","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:43:01Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0011/","reference_id":"ntap-20240307-0011","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:43:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4419","reference_id":"RHSA-2024:4419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4749","reference_id":"RHSA-2024:4749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5297","reference_id":"RHSA-2024:5297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5297"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586289?format=json","purl":"pkg:deb/debian/edk2@2024.05-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2024.05-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2023-45236"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z1gk-5f8t-tqau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82687?format=json","vulnerability_id":"VCID-z6dd-929s-n7cr","summary":"edk2: insufficient memory write in SMM service leads to privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12182.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12182.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12182","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26281","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26386","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.2634","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.2644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26484","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26258","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26326","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26377","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12182"},{"reference_url":"https://edk2-docs.gitbooks.io/security-advisory/content/sw-smi-confused-deputy-smramsavestate_c.html","reference_id":"","reference_type":"","scores":[],"url":"https://edk2-docs.gitbooks.io/security-advisory/content/sw-smi-confused-deputy-smramsavestate_c.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us"},{"reference_url":"http://www.securityfocus.com/bid/107648","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107648"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694081","reference_id":"1694081","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694081"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tianocore:edk_ii:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12182","reference_id":"CVE-2018-12182","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-12182"},{"reference_url":"https://usn.ubuntu.com/6920-1/","reference_id":"USN-6920-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6920-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585972?format=json","purl":"pkg:deb/debian/edk2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583001?format=json","purl":"pkg:deb/debian/edk2@2020.11-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2020.11-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583002?format=json","purl":"pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b7a9-w2fs-dbh7"},{"vulnerability":"VCID-k7zd-s9nc-r3hb"},{"vulnerability":"VCID-mg21-k76s-sqfp"},{"vulnerability":"VCID-quq1-8rke-c3gf"},{"vulnerability":"VCID-r48c-b4df-ffhx"},{"vulnerability":"VCID-sd4b-3g4z-mubq"},{"vulnerability":"VCID-z1gk-5f8t-tqau"},{"vulnerability":"VCID-zd64-tjtu-sua3"},{"vulnerability":"VCID-zwx2-8yhh-7yef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2022.11-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2018-12182"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6dd-929s-n7cr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96150?format=json","vulnerability_id":"VCID-zwx2-8yhh-7yef","summary":"EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38805","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13082","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13172","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13134","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13205","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1327","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1307","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13152","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13203","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38805"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111100","reference_id":"1111100","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111100"},{"reference_url":"https://github.com/tianocore/edk2/security/advisories/GHSA-p7wp-52j7-6r5x","reference_id":"GHSA-p7wp-52j7-6r5x","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:34:25Z/"}],"url":"https://github.com/tianocore/edk2/security/advisories/GHSA-p7wp-52j7-6r5x"},{"reference_url":"https://usn.ubuntu.com/7894-1/","reference_id":"USN-7894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583003?format=json","purl":"pkg:deb/debian/edk2@2025.02-8%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-8%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583004?format=json","purl":"pkg:deb/debian/edk2@2025.02-9?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zd64-tjtu-sua3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583005?format=json","purl":"pkg:deb/debian/edk2@2025.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1000432?format=json","purl":"pkg:deb/debian/edk2@2025.11-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.11-5%3Fdistro=trixie"}],"aliases":["CVE-2024-38805"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwx2-8yhh-7yef"}],"risk_score":"2.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/edk2@2025.02-9%3Fdistro=trixie"}