VulnerableCode Package Details - pkg:deb/debian/edk2@2025.02-8

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2kzc-d6fj-aaak	EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.	CVE-2023-45236
VCID-31nh-s7tv-g3cv	EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability.	CVE-2024-38797
VCID-shdk-x8jh-s7af	EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.	CVE-2025-2295
VCID-xn95-jc2p-aaaq	EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.	CVE-2023-45237

Vulnerability

Summary

Aliases

VCID-2kzc-d6fj-aaak

EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

CVE-2023-45236

VCID-31nh-s7tv-g3cv

EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability.

CVE-2024-38797

VCID-shdk-x8jh-s7af

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.

CVE-2025-2295

VCID-xn95-jc2p-aaaq

CVE-2023-45237

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T23:50:02.195101+00:00	Debian Importer	Fixing	VCID-2kzc-d6fj-aaak	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-20T20:28:31.133697+00:00	Debian Importer	Fixing	VCID-shdk-x8jh-s7af	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-20T19:52:01.364576+00:00	Debian Importer	Fixing	VCID-xn95-jc2p-aaaq	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-05T14:17:57.980744+00:00	Debian Importer	Fixing	VCID-shdk-x8jh-s7af	https://security-tracker.debian.org/tracker/data/json	36.1.0
2025-06-05T13:58:55.861917+00:00	Debian Importer	Fixing	VCID-xn95-jc2p-aaaq	https://security-tracker.debian.org/tracker/data/json	36.1.0
2025-06-02T09:36:46.185207+00:00	Debian Importer	Fixing	VCID-shdk-x8jh-s7af	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-06-02T08:29:42.693572+00:00	Debian Importer	Fixing	VCID-2kzc-d6fj-aaak	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-06-02T02:45:48.051691+00:00	Debian Importer	Fixing	VCID-31nh-s7tv-g3cv	https://security-tracker.debian.org/tracker/data/json	36.0.0