Information on source package edk2

Available versions

Bug	jessie	stretch	buster	bullseye	sid	Description
CVE-2019-14553	vulnerable	vulnerable (no DSA)	vulnerable (no DSA)	vulnerable	vulnerable	invalid server certificate accepted in HTTPS-over-IPv6 boot
CVE-2019-0161	vulnerable	vulnerable (no DSA)	fixed	fixed	fixed	Stack overflow in XHCI for EDK II may allow an unauthenticated user to ...
CVE-2019-0160	vulnerable	vulnerable (no DSA)	fixed	fixed	fixed	Buffer overflow in system firmware for EDK II may allow unauthenticate ...
CVE-2018-12183	vulnerable	vulnerable (no DSA)	fixed	fixed	fixed	Stack overflow in DxeCore for EDK II may allow an unauthenticated user ...
CVE-2018-12181	vulnerable	fixed	fixed	fixed	fixed	Stack overflow in corrupted bmp for EDK II may allow unprivileged user ...
CVE-2018-12180	vulnerable	fixed	fixed	fixed	fixed	Buffer overflow in BlockIo service for EDK II may allow an unauthentic ...
CVE-2018-12178	vulnerable	fixed	fixed	fixed	fixed	Buffer overflow in network stack for EDK II may allow unprivileged use ...

Bug	jessie	stretch	buster	bullseye	sid	Description
CVE-2018-3630	vulnerable	vulnerable	vulnerable	vulnerable	vulnerable	Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c
CVE-2018-12182	vulnerable	vulnerable	vulnerable	vulnerable	vulnerable	Insufficient memory write check in SMM service for EDK II may allow an ...
CVE-2018-12179	vulnerable	vulnerable	vulnerable	vulnerable	vulnerable	Improper configuration in system firmware for EDK II may allow unauthe ...
CVE-2014-4860	vulnerable	vulnerable	vulnerable	vulnerable	vulnerable
CVE-2014-4859	vulnerable	vulnerable	vulnerable	vulnerable	vulnerable