Is uefi-firmware safe to use?

uefi-firmware has 2 known vulnerabilities on the latest version (1.11). DepScope rates its health at 40/100 (high risk).

What is the latest version of uefi-firmware?

The latest version of uefi-firmware is 1.11, released 2023-08-10.

Does uefi-firmware have known vulnerabilities?

Yes. uefi-firmware has 2 known vulnerabilities. See depscope.dev/pkg/pypi/uefi-firmware for details.

Is uefi-firmware deprecated?

No, uefi-firmware is actively maintained. Latest release: 1.11 (2023-08-10).

What are alternatives to uefi-firmware?

Popular alternatives to uefi-firmware in PyPI include: boto3, packaging, idna, urllib3, requests.

What license does uefi-firmware use?

uefi-firmware is licensed under BSD.

uefi-firmware

pypiv1.11

Various data structures and parsing tools for UEFI firmware.

License BSDpermissive10 versions1 maintainers1 deps21,362 weekly dl

theopolis/uefi-firmware-parser

/ 100

Health

do not use

uefi-firmware has critical vulnerabilities — do not use

Moderate health score (40/100) — verify manually
2 critical vulnerabilities

Health breakdown0 – 100

20/25

maintenance

10/20

popularity

5/25

security

6/15

maturity

5/15

community

Vulnerabilities

2 critical

Advisories (2)

Severity	ID	Summary	Fixed in
critical	GHSA-2689-5p89-6j3j	UEFI Firmware Parser has a stack out-of-bounds write in tiano decompressor MakeTable	—
critical	GHSA-hm2w-vr2p-hq7w	UEFI Firmware Parser has a heap out-of-bounds write in tiano decompressor ReadCLen	—

Health History

Dependency Tree

License Audit

Dependencies (1)

future

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/uefi-firmware