iPXE is an iPXE open source web bootloader. iPXE iPXE versions prior to 2022.11.08 are vulnerable to an information disclosure vulnerability that affects the tls_new_ciphertext function in the component TLS src/net/tls.c file, which could be exploited by an attacker to obtain sensitive information.