Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2
purl pkg:deb/debian/edk2@2022.11-6%2Bdeb12u2
Next non-vulnerable version 2025.11-5
Latest non-vulnerable version 2025.11-5
Risk 3.8
Vulnerabilities affecting this package (9)
Vulnerability Summary Fixed by
VCID-b7a9-w2fs-dbh7
Aliases:
CVE-2024-38797
edk2: Out-of-bounds Read in EDK2
2025.02-8+deb13u1
Affected by 1 other vulnerability.
VCID-k7zd-s9nc-r3hb
Aliases:
CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability.
2025.02-8+deb13u1
Affected by 1 other vulnerability.
VCID-mg21-k76s-sqfp
Aliases:
CVE-2024-13176
openssl: Timing side-channel in ECDSA signature computation
2025.02-8+deb13u1
Affected by 1 other vulnerability.
VCID-quq1-8rke-c3gf
Aliases:
CVE-2023-45237
edk2: Use of a Weak PseudoRandom Number Generator
2025.02-8+deb13u1
Affected by 1 other vulnerability.
VCID-r48c-b4df-ffhx
Aliases:
CVE-2025-2295
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.
2025.02-8+deb13u1
Affected by 1 other vulnerability.
VCID-sd4b-3g4z-mubq
Aliases:
CVE-2025-2296
edk2: EDK2: Improper Input Validation allows arbitrary command execution
2025.02-8+deb13u1
Affected by 1 other vulnerability.
VCID-z1gk-5f8t-tqau
Aliases:
CVE-2023-45236
edk2: Predictable TCP Initial Sequence Numbers
2025.02-8+deb13u1
Affected by 1 other vulnerability.
VCID-zd64-tjtu-sua3
Aliases:
CVE-2024-38798
EDK2: EDK2: Information Disclosure and Privilege Escalation via Local BIOS Access
2025.11-4
Affected by 0 other vulnerabilities.
2025.11-5
Affected by 0 other vulnerabilities.
VCID-zwx2-8yhh-7yef
Aliases:
CVE-2024-38805
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.
2025.02-8+deb13u1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (16)
Vulnerability Summary Aliases
VCID-2atx-ce9g-tbds edk2: Temporary DoS vulnerability CVE-2024-1298
VCID-2nzx-2ymt-kuhv edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe CVE-2021-38575
VCID-5czu-f7hq-v3bf edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message CVE-2023-45229
VCID-9j1j-68kv-ufhn EDK2: heap buffer overflow in Tcg2MeasureGptTable() CVE-2022-36763
VCID-fxxz-zj2j-1qdz edk2: Infinite loop when parsing a PadN option in the Destination Options header CVE-2023-45233
VCID-h4uc-8m6s-ffhy edk2: Infinite loop when parsing unknown options in the Destination Options header CVE-2023-45232
VCID-ha36-4zhr-mfcu edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message CVE-2023-45234
VCID-hme1-vqbr-qydz EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W CVE-2022-36765
VCID-nqk5-vmve-d3cq A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system. CVE-2021-38576
VCID-pf73-medx-quet BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. CVE-2021-28216
VCID-r575-k7j8-hbfy edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation CVE-2021-38578
VCID-u9mt-wbe7-yfb6 edk2: Buffer overflow in the DHCPv6 client via a long Server ID option CVE-2023-45230
VCID-v17c-bytr-6qe4 edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235
VCID-vzd4-6nza-4bgx edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796
VCID-w7z8-86tz-87eb edk2: Out of Bounds read when handling a ND Redirect message with truncated options CVE-2023-45231
VCID-x5x7-rwjh-wbb7 EDK2: heap buffer overflow in Tcg2MeasurePeImage() CVE-2022-36764

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:59:44.167392+00:00 Debian Importer Affected by VCID-k7zd-s9nc-r3hb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:19:58.693174+00:00 Debian Importer Affected by VCID-sd4b-3g4z-mubq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:10:37.155283+00:00 Debian Importer Affected by VCID-mg21-k76s-sqfp https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:10:20.475190+00:00 Debian Importer Affected by VCID-zd64-tjtu-sua3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:04:54.211278+00:00 Debian Importer Affected by VCID-b7a9-w2fs-dbh7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:01:04.842554+00:00 Debian Importer Affected by VCID-r48c-b4df-ffhx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:50:51.366666+00:00 Debian Importer Affected by VCID-quq1-8rke-c3gf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:45:41.666148+00:00 Debian Importer Affected by VCID-zwx2-8yhh-7yef https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:44:08.674729+00:00 Debian Importer Affected by VCID-z1gk-5f8t-tqau https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T00:28:47.786187+00:00 Debian Oval Importer Fixing VCID-r575-k7j8-hbfy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:34:56.298937+00:00 Debian Oval Importer Fixing VCID-u9mt-wbe7-yfb6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:56:38.305548+00:00 Debian Oval Importer Fixing VCID-5czu-f7hq-v3bf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:48:05.457403+00:00 Debian Oval Importer Fixing VCID-ha36-4zhr-mfcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:37:40.935926+00:00 Debian Oval Importer Fixing VCID-2nzx-2ymt-kuhv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:12:14.456710+00:00 Debian Oval Importer Fixing VCID-2atx-ce9g-tbds https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:41:33.181179+00:00 Debian Oval Importer Fixing VCID-9j1j-68kv-ufhn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:48:32.462576+00:00 Debian Oval Importer Fixing VCID-vzd4-6nza-4bgx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:18:34.352852+00:00 Debian Oval Importer Fixing VCID-nqk5-vmve-d3cq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:58:21.441783+00:00 Debian Oval Importer Fixing VCID-pf73-medx-quet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:38:19.805898+00:00 Debian Oval Importer Fixing VCID-fxxz-zj2j-1qdz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:33:23.473339+00:00 Debian Oval Importer Fixing VCID-w7z8-86tz-87eb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:29:20.828648+00:00 Debian Oval Importer Fixing VCID-hme1-vqbr-qydz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:15:33.426217+00:00 Debian Oval Importer Fixing VCID-x5x7-rwjh-wbb7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:54:00.391210+00:00 Debian Oval Importer Fixing VCID-v17c-bytr-6qe4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:48:46.690276+00:00 Debian Oval Importer Fixing VCID-h4uc-8m6s-ffhy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-13T08:55:47.140100+00:00 Debian Importer Affected by VCID-k7zd-s9nc-r3hb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:57:24.443062+00:00 Debian Importer Affected by VCID-sd4b-3g4z-mubq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:50:17.403833+00:00 Debian Importer Affected by VCID-mg21-k76s-sqfp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-12T00:02:09.436706+00:00 Debian Oval Importer Fixing VCID-r575-k7j8-hbfy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:09:55.677579+00:00 Debian Oval Importer Fixing VCID-u9mt-wbe7-yfb6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:33:01.883534+00:00 Debian Oval Importer Fixing VCID-5czu-f7hq-v3bf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:24:32.327236+00:00 Debian Oval Importer Fixing VCID-ha36-4zhr-mfcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:14:29.143106+00:00 Debian Oval Importer Fixing VCID-2nzx-2ymt-kuhv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:52:05.375635+00:00 Debian Oval Importer Fixing VCID-2atx-ce9g-tbds https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:24:06.349880+00:00 Debian Oval Importer Fixing VCID-9j1j-68kv-ufhn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:33:11.139303+00:00 Debian Oval Importer Fixing VCID-vzd4-6nza-4bgx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:08:23.907972+00:00 Debian Importer Affected by VCID-zd64-tjtu-sua3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:05:09.423493+00:00 Debian Importer Affected by VCID-b7a9-w2fs-dbh7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:03:51.285890+00:00 Debian Oval Importer Fixing VCID-nqk5-vmve-d3cq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:02:47.311576+00:00 Debian Importer Affected by VCID-r48c-b4df-ffhx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:56:36.763889+00:00 Debian Importer Affected by VCID-quq1-8rke-c3gf https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:53:09.769746+00:00 Debian Importer Affected by VCID-zwx2-8yhh-7yef https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:52:07.988705+00:00 Debian Importer Affected by VCID-z1gk-5f8t-tqau https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:44:12.748400+00:00 Debian Oval Importer Fixing VCID-pf73-medx-quet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:24:32.380521+00:00 Debian Oval Importer Fixing VCID-fxxz-zj2j-1qdz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:19:43.692930+00:00 Debian Oval Importer Fixing VCID-w7z8-86tz-87eb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:15:48.341711+00:00 Debian Oval Importer Fixing VCID-hme1-vqbr-qydz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:02:05.884980+00:00 Debian Oval Importer Fixing VCID-x5x7-rwjh-wbb7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:41:37.290965+00:00 Debian Oval Importer Fixing VCID-v17c-bytr-6qe4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:36:27.898962+00:00 Debian Oval Importer Fixing VCID-h4uc-8m6s-ffhy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T23:33:33.860395+00:00 Debian Oval Importer Fixing VCID-r575-k7j8-hbfy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:43:38.289413+00:00 Debian Oval Importer Fixing VCID-u9mt-wbe7-yfb6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:08:32.121444+00:00 Debian Oval Importer Fixing VCID-5czu-f7hq-v3bf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:00:29.069522+00:00 Debian Oval Importer Fixing VCID-ha36-4zhr-mfcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:50:50.846278+00:00 Debian Oval Importer Fixing VCID-2nzx-2ymt-kuhv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:31:38.609233+00:00 Debian Oval Importer Fixing VCID-2atx-ce9g-tbds https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:07:43.692358+00:00 Debian Oval Importer Fixing VCID-9j1j-68kv-ufhn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:18:22.104510+00:00 Debian Oval Importer Fixing VCID-vzd4-6nza-4bgx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:50:21.749005+00:00 Debian Oval Importer Fixing VCID-nqk5-vmve-d3cq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:31:31.873513+00:00 Debian Oval Importer Fixing VCID-pf73-medx-quet https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:12:44.718106+00:00 Debian Oval Importer Fixing VCID-fxxz-zj2j-1qdz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:08:11.329111+00:00 Debian Oval Importer Fixing VCID-w7z8-86tz-87eb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:04:26.576899+00:00 Debian Oval Importer Fixing VCID-hme1-vqbr-qydz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:51:30.953698+00:00 Debian Oval Importer Fixing VCID-x5x7-rwjh-wbb7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:35:27.612971+00:00 Debian Oval Importer Fixing VCID-v17c-bytr-6qe4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:30:27.883345+00:00 Debian Oval Importer Fixing VCID-h4uc-8m6s-ffhy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-02T17:16:54.825971+00:00 Debian Importer Affected by VCID-k7zd-s9nc-r3hb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:13:14.882505+00:00 Debian Importer Affected by VCID-quq1-8rke-c3gf https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:12:18.910197+00:00 Debian Importer Affected by VCID-r48c-b4df-ffhx https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:11:05.156667+00:00 Debian Importer Affected by VCID-sd4b-3g4z-mubq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:07:13.075652+00:00 Debian Importer Affected by VCID-mg21-k76s-sqfp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:04:06.203469+00:00 Debian Importer Affected by VCID-zd64-tjtu-sua3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:03:44.267266+00:00 Debian Importer Affected by VCID-b7a9-w2fs-dbh7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:02:37.649888+00:00 Debian Importer Affected by VCID-zwx2-8yhh-7yef https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:02:33.236118+00:00 Debian Importer Affected by VCID-z1gk-5f8t-tqau https://security-tracker.debian.org/tracker/data/json 38.1.0