fwupd-plugin-flashrom (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package fwupd-plugin-flashrom, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2022-34301 — CVSS 6.7 (medium): A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with…
CVE-2022-34302 — CVSS 6.7 (medium): A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure…
CVE-2022-34303 — CVSS 6.7 (medium): A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot…
CVE-2022-3287 — CVSS 6.5 (medium): When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without…