edk2-tools-python vulnerabilities

Known vulnerabilities in the edk2-tools-python package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Information Exposure	<0:20200801stable-1.amzn2.0.8
M Divide By Zero	<0:20200801stable-1.amzn2.0.7
M Resource Exhaustion	<0:20200801stable-1.amzn2.0.6
H Use After Free	<0:20200801stable-1.amzn2.0.5
H NULL Pointer Dereference	<0:20200801stable-1.amzn2.0.5
H Resource Exhaustion	<0:20200801stable-1.amzn2.0.5
H NULL Pointer Dereference	<0:20200801stable-1.amzn2.0.5
H Resource Exhaustion	<0:20200801stable-1.amzn2.0.5
H Out-of-bounds Read	<0:20200801stable-1.amzn2.0.5
H Arbitrary Command Injection	<0:20200801stable-1.amzn2.0.5
H Improper Certificate Validation	<0:20200801stable-1.amzn2.0.5
H NULL Pointer Dereference	<0:20200801stable-1.amzn2.0.5
H Integer Overflow or Wraparound	<0:20200801stable-1.amzn2.0.5
H Improper Certificate Validation	<0:20200801stable-1.amzn2.0.5
H Missing Required Cryptographic Step	<0:20200801stable-1.amzn2.0.5
H Incorrect Type Conversion or Cast	<0:20200801stable-1.amzn2.0.5
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:20200801stable-1.amzn2.0.5
H Excessive Iteration	<0:20200801stable-1.amzn2.0.5
H Double Free	<0:20200801stable-1.amzn2.0.5
H Information Exposure	<0:20200801stable-1.amzn2.0.5
H Missing Required Cryptographic Step	<0:20200801stable-1.amzn2.0.5
H Improper Certificate Validation	<0:20200801stable-1.amzn2.0.5
H NULL Pointer Dereference	<0:20200801stable-1.amzn2.0.5
H Resource Exhaustion	<0:20200801stable-1.amzn2.0.5
H Arbitrary Command Injection	<0:20200801stable-1.amzn2.0.5
H NULL Pointer Dereference	<0:20200801stable-1.amzn2.0.4
H Out-of-Bounds	<0:20200801stable-1.amzn2.0.4
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:20200801stable-1.amzn2.0.4
H Out-of-Bounds	<0:20200801stable-1.amzn2.0.4
H Out-of-Bounds	<0:20200801stable-1.amzn2.0.4
H Out-of-Bounds	<0:20200801stable-1.amzn2.0.4
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:20200801stable-1.amzn2.0.4
H Out-of-bounds Read	<0:20200801stable-1.amzn2.0.4
M Integer Overflow to Buffer Overflow	<0:20200801stable-1.amzn2.0.3
M Integer Overflow to Buffer Overflow	<0:20200801stable-1.amzn2.0.3
M Excessive Iteration	<0:20200801stable-1.amzn2.0.2
M CVE-2019-14587	<0:20200801stable-1.amzn2.0.1
M CVE-2019-14575	<0:20200801stable-1.amzn2.0.1
M Memory Leak	<0:20200801stable-1.amzn2.0.1
M Out-of-bounds Write	<0:20200801stable-1.amzn2.0.1
M Use After Free	<0:20200801stable-1.amzn2.0.1
M CVE-2019-14558	<0:20200801stable-1.amzn2.0.1
M Out-of-bounds Write	<0:20190501stable-2.amzn2.0.1
M Out-of-bounds Write	<0:20190501stable-2.amzn2.0.1
M Unintended Proxy or Intermediary ('Confused Deputy')	<0:20190501stable-2.amzn2.0.1
M CVE-2018-12179	<0:20190501stable-2.amzn2.0.1
M Out-of-bounds Write	<0:20190501stable-2.amzn2.0.1
H Out-of-bounds Write	<0:20190308stable-1.amzn2.0.1
H CVE-2018-3613	<0:20190308stable-1.amzn2.0.1
H Improper Authentication	<0:20190308stable-1.amzn2.0.1
H Improper Authentication	<0:20190308stable-1.amzn2.0.1
H Out-of-Bounds	<0:20190308stable-1.amzn2.0.1
H Improper Certificate Validation	<0:20190308stable-1.amzn2.0.1
H Improper Authentication	<0:20190308stable-1.amzn2.0.1
H Out-of-bounds Write	<0:20190308stable-1.amzn2.0.1
H Out-of-Bounds	<0:20190308stable-1.amzn2.0.1
H Improper Authentication	<0:20190308stable-1.amzn2.0.1

Vulnerability

Vulnerable Version

Information Exposure

<0:20200801stable-1.amzn2.0.8

Divide By Zero

<0:20200801stable-1.amzn2.0.7

Resource Exhaustion

<0:20200801stable-1.amzn2.0.6

Use After Free

<0:20200801stable-1.amzn2.0.5

NULL Pointer Dereference

<0:20200801stable-1.amzn2.0.5