edk2-shell

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description EDK2 UEFI Shell
Version 202011-1 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-1360 202011-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2019-14560 AVG-1360 Medium No Certificate verification bypass
GetEfiGlobalVariable2() is used in some instances when looking up the SecureBoot UEFI variable. The API can fail in certain circumstances, for example, if...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1359 202008-1 202011-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2019-14584 AVG-1359 Medium No Denial of service
A security issue was found in edk2 up to edk2-stable202011. AuthenticodeVerify() calls OpenSSLs d2i_PKCS7() API to parse asn encoded signed authenticode...