USN-7894-1
- Source
- https://ubuntu.com/security/notices/USN-7894-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7894-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-7894-1
- Upstream
- Related
- Published
- 2025-11-26T15:05:43.759332Z
- Modified
- 2025-11-27T07:32:18.207565Z
- Summary
- edk2 vulnerabilities
- Details
-
It was discovered that EDK II was susceptible to a predictable TCP Initial Sequence Number. An attacker could possibly use this issue to gain unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-1298)
It was discovered that the EDK II PE/COFF loader incorrectly handled certain memory operations. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information, or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-38796)
It was discovered that the EDK II PE image hashing function incorrectly handled certain memory operations. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-38797)
It was discovered that the EDK II BIOS incorrectly handled certain memory operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-38805, CVE-2025-2295)
It was discovered that EDK II incorrectly handled the enabling of MCE. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-3770)
It was discovered that the OpenSSL library embedded in EDK II contained multiple vulnerabilties. An attacker could possibly use these issues to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-3712, CVE-2022-0778, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6237, CVE-2024-0727, CVE-2024-13176, CVE-2024-2511, CVE-2024-41996, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-9143, CVE-2025-9232)
- References
-
- https://ubuntu.com/security/notices/USN-7894-1
- https://ubuntu.com/security/CVE-2021-3712
- https://ubuntu.com/security/CVE-2022-0778
- https://ubuntu.com/security/CVE-2022-4304
- https://ubuntu.com/security/CVE-2022-4450
- https://ubuntu.com/security/CVE-2023-0215
- https://ubuntu.com/security/CVE-2023-0286
- https://ubuntu.com/security/CVE-2023-0464
- https://ubuntu.com/security/CVE-2023-0465
- https://ubuntu.com/security/CVE-2023-0466
- https://ubuntu.com/security/CVE-2023-2650
- https://ubuntu.com/security/CVE-2023-3446
- https://ubuntu.com/security/CVE-2023-3817
- https://ubuntu.com/security/CVE-2023-5678
- https://ubuntu.com/security/CVE-2023-6237
- https://ubuntu.com/security/CVE-2023-45236
- https://ubuntu.com/security/CVE-2023-45237
- https://ubuntu.com/security/CVE-2024-0727
- https://ubuntu.com/security/CVE-2024-1298
- https://ubuntu.com/security/CVE-2024-2511
- https://ubuntu.com/security/CVE-2024-4741
- https://ubuntu.com/security/CVE-2024-5535
- https://ubuntu.com/security/CVE-2024-6119
- https://ubuntu.com/security/CVE-2024-9143
- https://ubuntu.com/security/CVE-2024-13176
- https://ubuntu.com/security/CVE-2024-38796
- https://ubuntu.com/security/CVE-2024-38797
- https://ubuntu.com/security/CVE-2024-38805
- https://ubuntu.com/security/CVE-2025-2295
- https://ubuntu.com/security/CVE-2025-3770
- https://ubuntu.com/security/CVE-2025-9232
Affected packages
Ubuntu:22.04:LTS / edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@2022.02-3ubuntu0.22.04.4?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2022.02-3ubuntu0.22.04.4
Affected versions
2021.*
2021.08~rc0-2
2021.08-3
2021.11~rc1-1
2021.11-1
2021.11-2
2022.*
2022.02~rc1-1
2022.02~rc1-1ubuntu1
2022.02-1
2022.02-2
2022.02-3
2022.02-3ubuntu0.22.04.1
2022.02-3ubuntu0.22.04.2
2022.02-3ubuntu0.22.04.3
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "2022.02-3ubuntu0.22.04.4",
"binary_name": "ovmf"
},
{
"binary_version": "2022.02-3ubuntu0.22.04.4",
"binary_name": "ovmf-ia32"
},
{
"binary_version": "2022.02-3ubuntu0.22.04.4",
"binary_name": "qemu-efi"
},
{
"binary_version": "2022.02-3ubuntu0.22.04.4",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "2022.02-3ubuntu0.22.04.4",
"binary_name": "qemu-efi-arm"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:22.04:LTS",
"cves": [
{
"id": "CVE-2021-3712",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2022-0778",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2022-4304",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2022-4450",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-0215",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-0286",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-0464",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-0465",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-0466",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "negligible",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-2650",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-3446",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-3817",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-5678",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-45236",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-45237",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-0727",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-1298",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-2511",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-4741",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-5535",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-9143",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-13176",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-38796",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-38797",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-38805",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-2295",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-3770",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
]
}
Ubuntu:24.04:LTS / edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@2024.02-2ubuntu0.6?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2024.02-2ubuntu0.6
Affected versions
2023.*
2023.05-2
2023.11-2
2023.11-3
2023.11-4
2023.11-5
2023.11-6
2023.11-8
2024.*
2024.02-1
2024.02-2
2024.02-2ubuntu0.1
2024.02-2ubuntu0.3
2024.02-2ubuntu0.4
2024.02-2ubuntu0.5
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "efi-shell-aa64"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "efi-shell-arm"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "efi-shell-ia32"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "efi-shell-riscv64"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "efi-shell-x64"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "ovmf"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "ovmf-ia32"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "qemu-efi-arm"
},
{
"binary_version": "2024.02-2ubuntu0.6",
"binary_name": "qemu-efi-riscv64"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:24.04:LTS",
"cves": [
{
"id": "CVE-2023-3446",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-3817",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-5678",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-6237",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-45236",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-45237",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-0727",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-1298",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-2511",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-4741",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-5535",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-6119",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-9143",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-13176",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-38796",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-38797",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-38805",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-2295",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-3770",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
]
}
Ubuntu:25.04 / edk2
Package
- Name
- edk2
- Purl
- pkg:deb/ubuntu/edk2@2025.02-3ubuntu2.2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2025.02-3ubuntu2.2
Affected versions
2024.*
2024.05-2ubuntu0.1
2024.08-4
2024.11-1
2024.11-2
2024.11-5
2025.*
2025.02-3ubuntu1
2025.02-3ubuntu2
2025.02-3ubuntu2.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "efi-shell-aa64"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "efi-shell-arm"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "efi-shell-ia32"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "efi-shell-loongarch64"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "efi-shell-riscv64"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "efi-shell-x64"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "ovmf"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "ovmf-ia32"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "qemu-efi-aarch64"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "qemu-efi-arm"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "qemu-efi-loongarch64"
},
{
"binary_version": "2025.02-3ubuntu2.2",
"binary_name": "qemu-efi-riscv64"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:25.04",
"cves": [
{
"id": "CVE-2024-13176",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-38797",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-38805",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-2295",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-3770",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2025-9232",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
]
}