CNNVD-202512-1595 Information
Dec 09, 2025
cve
CNNVD ID
CNNVD-202512-1595
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
EDK2是Tianocore社区的一套基于UEFI和PI规范的跨平台固件开发环境。 EDK2存在安全漏洞,该漏洞源于敏感信息暴露,可能导致信息泄露或权限提升。
Description (English)
EDK2 is a set of cross-platform solidware development environments based on UEFI and PI norms in the community of Tianocore. There is a security loophole in EDK, which stems from the exposure of sensitive information, which may lead to the disclosure of information or the enhancement of authority.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
tianocore
Published
2025-12-09
Last Modified
2026-02-24
References
https://github.com/tianocore/edk2/security/advisories/GHSA-q2c6-37h5-7cwf
Patch
https://github.com/tianocore/edk2/releases
Share on: