Information on source package edk2

Available versions

ReleaseVersion
jessie/non-free0~20131112.2590861a-3
stretch0~20161202.7bbe0b3e-1+deb9u1
buster0~20181115.85588389-3
bullseye0~20190828.37eef910-3
sid0~20190828.37eef910-3

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-14553vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableinvalid server certificate accepted in HTTPS-over-IPv6 boot
CVE-2019-0161vulnerablevulnerable (no DSA)fixedfixedfixedStack overflow in XHCI for EDK II may allow an unauthenticated user to ...
CVE-2019-0160vulnerablevulnerable (no DSA)fixedfixedfixedBuffer overflow in system firmware for EDK II may allow unauthenticate ...
CVE-2018-12183vulnerablevulnerable (no DSA)fixedfixedfixedStack overflow in DxeCore for EDK II may allow an unauthenticated user ...
CVE-2018-12181vulnerablefixedfixedfixedfixedStack overflow in corrupted bmp for EDK II may allow unprivileged user ...
CVE-2018-12180vulnerablefixedfixedfixedfixedBuffer overflow in BlockIo service for EDK II may allow an unauthentic ...
CVE-2018-12178vulnerablefixedfixedfixedfixedBuffer overflow in network stack for EDK II may allow unprivileged use ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2018-3630vulnerablevulnerablevulnerablevulnerablevulnerableLogic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c
CVE-2018-12182vulnerablevulnerablevulnerablevulnerablevulnerableInsufficient memory write check in SMM service for EDK II may allow an ...
CVE-2018-12179vulnerablevulnerablevulnerablevulnerablevulnerableImproper configuration in system firmware for EDK II may allow unauthe ...
CVE-2014-4860vulnerablevulnerablevulnerablevulnerablevulnerable
CVE-2014-4859vulnerablevulnerablevulnerablevulnerablevulnerable

Search for package or bug name: Reporting problems