edk2-shell
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | EDK2 UEFI Shell |
Version | 202011-1 [extra] |
Open
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-1360 | 202011-1 | Medium | Vulnerable |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2019-14560 | AVG-1360 | Medium | No | Certificate verification bypass | GetEfiGlobalVariable2() is used in some instances when looking up the SecureBoot UEFI variable. The API can fail in certain circumstances, for example, if... |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-1359 | 202008-1 | 202011-1 | Medium | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2019-14584 | AVG-1359 | Medium | No | Denial of service | A security issue was found in edk2 up to edk2-stable202011. AuthenticodeVerify() calls OpenSSLs d2i_PKCS7() API to parse asn encoded signed authenticode... |