CVE-2021-28211 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A security issue was found in EDK II before version 202011. A possible heap corruption in LzmaUefiDecompressGetInfo  could lead to arbitrary code execution.
Group Package Affected Fixed Severity Status Ticket
AVG-1697 edk2-shell 202008-1 202011-1 Medium Fixed
References
https://bugzilla.tianocore.org/show_bug.cgi?id=1816
https://github.com/tianocore/edk2/pull/1138
https://github.com/tianocore/edk2/commit/e7bd0dd26db7e56aa8ca70132d6ea916ee6f3db0