edk2-tools vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the edk2-tools package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Release of Invalid Pointer or Reference

<0:20240813-296.amzn2
  • H
CVE-2021-38576

<0:20240813-296.amzn2
  • H
Out-of-bounds Write

<0:20240813-296.amzn2
  • H
Buffer Underflow

<0:20240813-296.amzn2
  • H
Information Exposure

<0:20240813-296.amzn2
  • H
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

<0:20240813-296.amzn2
  • H
Heap-based Buffer Overflow

<0:20240813-296.amzn2
  • H
Buffer Overflow

<0:20240813-296.amzn2
  • M
Information Exposure

<0:20200801stable-1.amzn2.0.8
  • M
Divide By Zero

<0:20200801stable-1.amzn2.0.7
  • M
Resource Exhaustion

<0:20200801stable-1.amzn2.0.6
  • H
Arbitrary Command Injection

<0:20200801stable-1.amzn2.0.5
  • H
Incorrect Type Conversion or Cast

<0:20200801stable-1.amzn2.0.5
  • H
Out-of-bounds Read

<0:20200801stable-1.amzn2.0.5
  • H
NULL Pointer Dereference

<0:20200801stable-1.amzn2.0.5
  • H
Missing Required Cryptographic Step

<0:20200801stable-1.amzn2.0.5
  • H
Information Exposure

<0:20200801stable-1.amzn2.0.5
  • H
Improper Certificate Validation

<0:20200801stable-1.amzn2.0.5
  • H
Excessive Iteration

<0:20200801stable-1.amzn2.0.5
  • H
Use After Free

<0:20200801stable-1.amzn2.0.5
  • H
Resource Exhaustion

<0:20200801stable-1.amzn2.0.5
  • H
Improper Certificate Validation

<0:20200801stable-1.amzn2.0.5
  • H
Resource Exhaustion

<0:20200801stable-1.amzn2.0.5
  • H
Missing Required Cryptographic Step

<0:20200801stable-1.amzn2.0.5
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:20200801stable-1.amzn2.0.5
  • H
Integer Overflow or Wraparound

<0:20200801stable-1.amzn2.0.5
  • H
NULL Pointer Dereference

<0:20200801stable-1.amzn2.0.5
  • H
NULL Pointer Dereference

<0:20200801stable-1.amzn2.0.5
  • H
Resource Exhaustion

<0:20200801stable-1.amzn2.0.5
  • H
Improper Certificate Validation

<0:20200801stable-1.amzn2.0.5
  • H
Double Free

<0:20200801stable-1.amzn2.0.5
  • H
Arbitrary Command Injection

<0:20200801stable-1.amzn2.0.5
  • H
NULL Pointer Dereference

<0:20200801stable-1.amzn2.0.5
  • H
Out-of-Bounds

<0:20200801stable-1.amzn2.0.4
  • H
Out-of-bounds Read

<0:20200801stable-1.amzn2.0.4
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:20200801stable-1.amzn2.0.4
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:20200801stable-1.amzn2.0.4
  • H
Out-of-Bounds

<0:20200801stable-1.amzn2.0.4
  • H
Out-of-Bounds

<0:20200801stable-1.amzn2.0.4
  • H
Out-of-Bounds

<0:20200801stable-1.amzn2.0.4
  • H
NULL Pointer Dereference

<0:20200801stable-1.amzn2.0.4
  • M
Integer Overflow to Buffer Overflow

<0:20200801stable-1.amzn2.0.3
  • M
Integer Overflow to Buffer Overflow

<0:20200801stable-1.amzn2.0.3
  • M
Excessive Iteration

<0:20200801stable-1.amzn2.0.2
  • M
CVE-2019-14587

<0:20200801stable-1.amzn2.0.1
  • M
CVE-2019-14575

<0:20200801stable-1.amzn2.0.1
  • M
Memory Leak

<0:20200801stable-1.amzn2.0.1
  • M
Out-of-bounds Write

<0:20200801stable-1.amzn2.0.1
  • M
Use After Free

<0:20200801stable-1.amzn2.0.1
  • M
CVE-2019-14558

<0:20200801stable-1.amzn2.0.1
  • M
Out-of-bounds Write

<0:20190501stable-2.amzn2.0.1
  • M
Out-of-bounds Write

<0:20190501stable-2.amzn2.0.1
  • M
Unintended Proxy or Intermediary ('Confused Deputy')

<0:20190501stable-2.amzn2.0.1
  • M
CVE-2018-12179

<0:20190501stable-2.amzn2.0.1
  • M
Out-of-bounds Write

<0:20190501stable-2.amzn2.0.1
  • H
Out-of-bounds Write

<0:20190308stable-1.amzn2.0.1
  • H
CVE-2018-3613

<0:20190308stable-1.amzn2.0.1
  • H
Improper Authentication

<0:20190308stable-1.amzn2.0.1
  • H
Improper Authentication

<0:20190308stable-1.amzn2.0.1
  • H
Out-of-Bounds

<0:20190308stable-1.amzn2.0.1
  • H
Improper Certificate Validation

<0:20190308stable-1.amzn2.0.1
  • H
Improper Authentication

<0:20190308stable-1.amzn2.0.1
  • H
Out-of-bounds Write

<0:20190308stable-1.amzn2.0.1
  • H
Out-of-Bounds

<0:20190308stable-1.amzn2.0.1
  • H
Improper Authentication

<0:20190308stable-1.amzn2.0.1