Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/grub2@2.04-9?distro=trixie

Type deb

Namespace debian

Name grub2

Version 2.04-9

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.04-16

Latest_non_vulnerable_version 2.14-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1a1n-tuft-ufhy

vulnerability_id VCID-1a1n-tuft-ufhy

summary

Multiple vulnerabilities have been found in GRUB, the worst might
    allow for circumvention of UEFI Secure Boot.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14309.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14309.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14309

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.13688
published_at	2026-04-26T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13636
published_at	2026-04-18T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13708
published_at	2026-04-21T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13719
published_at	2026-04-24T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.1391
published_at	2026-04-04T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13711
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13794
published_at	2026-04-08T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13844
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13813
published_at	2026-04-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13777
published_at	2026-04-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13729
published_at	2026-04-13T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13639
published_at	2026-04-16T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14639
published_at	2026-04-02T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.1459
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1852022
reference_id	1852022
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1852022

reference_url	https://security.gentoo.org/glsa/202104-05
reference_id	GLSA-202104-05
reference_type
scores
url	https://security.gentoo.org/glsa/202104-05

reference_url	https://access.redhat.com/errata/RHSA-2020:3216
reference_id	RHSA-2020:3216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3216

reference_url	https://access.redhat.com/errata/RHSA-2020:3217
reference_id	RHSA-2020:3217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3217

reference_url	https://access.redhat.com/errata/RHSA-2020:3223
reference_id	RHSA-2020:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3223

reference_url	https://access.redhat.com/errata/RHSA-2020:3227
reference_id	RHSA-2020:3227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3227

reference_url	https://access.redhat.com/errata/RHSA-2020:3271
reference_id	RHSA-2020:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3271

reference_url	https://access.redhat.com/errata/RHSA-2020:3273
reference_id	RHSA-2020:3273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3273

reference_url	https://access.redhat.com/errata/RHSA-2020:3274
reference_id	RHSA-2020:3274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3274

reference_url	https://access.redhat.com/errata/RHSA-2020:3275
reference_id	RHSA-2020:3275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3275

reference_url	https://access.redhat.com/errata/RHSA-2020:3276
reference_id	RHSA-2020:3276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3276

reference_url	https://usn.ubuntu.com/4432-1/
reference_id	USN-4432-1
reference_type
scores
url	https://usn.ubuntu.com/4432-1/

fixed_packages

url	pkg:deb/debian/grub2@2.04-9?distro=trixie
purl	pkg:deb/debian/grub2@2.04-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

purl pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

purl pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie

aliases CVE-2020-14309

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1a1n-tuft-ufhy

url VCID-dee9-zb16-sbeb

vulnerability_id VCID-dee9-zb16-sbeb

summary

Multiple vulnerabilities have been found in GRUB, the worst might
    allow for circumvention of UEFI Secure Boot.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15707.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15707.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-15707

reference_id

reference_type

scores

value	0.00032
scoring_system	epss
scoring_elements	0.09113
published_at	2026-04-01T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09118
published_at	2026-04-02T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.0917
published_at	2026-04-04T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09094
published_at	2026-04-07T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09174
published_at	2026-04-08T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09205
published_at	2026-04-09T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09207
published_at	2026-04-11T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09176
published_at	2026-04-12T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09162
published_at	2026-04-13T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09056
published_at	2026-04-16T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09035
published_at	2026-04-18T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09193
published_at	2026-04-21T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09238
published_at	2026-04-24T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09181
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15707

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1861581
reference_id	1861581
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1861581

reference_url	https://security.gentoo.org/glsa/202104-05
reference_id	GLSA-202104-05
reference_type
scores
url	https://security.gentoo.org/glsa/202104-05

reference_url	https://access.redhat.com/errata/RHSA-2020:3216
reference_id	RHSA-2020:3216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3216

reference_url	https://access.redhat.com/errata/RHSA-2020:3217
reference_id	RHSA-2020:3217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3217

reference_url	https://access.redhat.com/errata/RHSA-2020:3223
reference_id	RHSA-2020:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3223

reference_url	https://access.redhat.com/errata/RHSA-2020:3227
reference_id	RHSA-2020:3227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3227

reference_url	https://access.redhat.com/errata/RHSA-2020:3271
reference_id	RHSA-2020:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3271

reference_url	https://access.redhat.com/errata/RHSA-2020:3274
reference_id	RHSA-2020:3274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3274

reference_url	https://access.redhat.com/errata/RHSA-2020:3275
reference_id	RHSA-2020:3275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3275

reference_url	https://access.redhat.com/errata/RHSA-2020:3276
reference_id	RHSA-2020:3276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3276

reference_url	https://usn.ubuntu.com/4432-1/
reference_id	USN-4432-1
reference_type
scores
url	https://usn.ubuntu.com/4432-1/

fixed_packages

url	pkg:deb/debian/grub2@2.04-9?distro=trixie
purl	pkg:deb/debian/grub2@2.04-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

purl pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

purl pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie

aliases CVE-2020-15707

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dee9-zb16-sbeb

url VCID-eek6-ufv4-kydb

vulnerability_id VCID-eek6-ufv4-kydb

summary

Multiple vulnerabilities have been found in GRUB, the worst might
    allow for circumvention of UEFI Secure Boot.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14310.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14310.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14310

reference_id

reference_type

scores

value	0.00054
scoring_system	epss
scoring_elements	0.16816
published_at	2026-04-26T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16893
published_at	2026-04-18T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.1693
published_at	2026-04-21T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16834
published_at	2026-04-24T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.1716
published_at	2026-04-04T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16938
published_at	2026-04-07T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17026
published_at	2026-04-08T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17085
published_at	2026-04-09T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.1706
published_at	2026-04-11T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17013
published_at	2026-04-12T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16953
published_at	2026-04-13T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.1689
published_at	2026-04-16T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18871
published_at	2026-04-02T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18735
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1852030
reference_id	1852030
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1852030

reference_url	https://security.gentoo.org/glsa/202104-05
reference_id	GLSA-202104-05
reference_type
scores
url	https://security.gentoo.org/glsa/202104-05

reference_url	https://access.redhat.com/errata/RHSA-2020:3216
reference_id	RHSA-2020:3216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3216

reference_url	https://access.redhat.com/errata/RHSA-2020:3217
reference_id	RHSA-2020:3217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3217

reference_url	https://access.redhat.com/errata/RHSA-2020:3223
reference_id	RHSA-2020:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3223

reference_url	https://access.redhat.com/errata/RHSA-2020:3227
reference_id	RHSA-2020:3227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3227

reference_url	https://access.redhat.com/errata/RHSA-2020:3271
reference_id	RHSA-2020:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3271

reference_url	https://access.redhat.com/errata/RHSA-2020:3273
reference_id	RHSA-2020:3273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3273

reference_url	https://access.redhat.com/errata/RHSA-2020:3274
reference_id	RHSA-2020:3274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3274

reference_url	https://access.redhat.com/errata/RHSA-2020:3275
reference_id	RHSA-2020:3275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3275

reference_url	https://access.redhat.com/errata/RHSA-2020:3276
reference_id	RHSA-2020:3276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3276

reference_url	https://usn.ubuntu.com/4432-1/
reference_id	USN-4432-1
reference_type
scores
url	https://usn.ubuntu.com/4432-1/

fixed_packages

url	pkg:deb/debian/grub2@2.04-9?distro=trixie
purl	pkg:deb/debian/grub2@2.04-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

purl pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

purl pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie

aliases CVE-2020-14310

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eek6-ufv4-kydb

url VCID-p4uv-kcsu-fqbr

vulnerability_id VCID-p4uv-kcsu-fqbr

summary

Multiple vulnerabilities have been found in GRUB, the worst might
    allow for circumvention of UEFI Secure Boot.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15706.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15706.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-15706

reference_id

reference_type

scores

value	0.00052
scoring_system	epss
scoring_elements	0.16186
published_at	2026-04-01T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16369
published_at	2026-04-02T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16431
published_at	2026-04-04T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16228
published_at	2026-04-07T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16314
published_at	2026-04-08T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16378
published_at	2026-04-09T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.1636
published_at	2026-04-11T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.1632
published_at	2026-04-12T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16253
published_at	2026-04-13T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16189
published_at	2026-04-16T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16207
published_at	2026-04-18T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16245
published_at	2026-04-21T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16136
published_at	2026-04-24T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16133
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1861118
reference_id	1861118
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1861118

reference_url	https://security.gentoo.org/glsa/202104-05
reference_id	GLSA-202104-05
reference_type
scores
url	https://security.gentoo.org/glsa/202104-05

reference_url	https://access.redhat.com/errata/RHSA-2020:3216
reference_id	RHSA-2020:3216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3216

reference_url	https://access.redhat.com/errata/RHSA-2020:3217
reference_id	RHSA-2020:3217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3217

reference_url	https://access.redhat.com/errata/RHSA-2020:3223
reference_id	RHSA-2020:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3223

reference_url	https://access.redhat.com/errata/RHSA-2020:3227
reference_id	RHSA-2020:3227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3227

reference_url	https://access.redhat.com/errata/RHSA-2020:3271
reference_id	RHSA-2020:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3271

reference_url	https://access.redhat.com/errata/RHSA-2020:3273
reference_id	RHSA-2020:3273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3273

reference_url	https://access.redhat.com/errata/RHSA-2020:3274
reference_id	RHSA-2020:3274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3274

reference_url	https://access.redhat.com/errata/RHSA-2020:3275
reference_id	RHSA-2020:3275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3275

reference_url	https://access.redhat.com/errata/RHSA-2020:3276
reference_id	RHSA-2020:3276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3276

reference_url	https://usn.ubuntu.com/4432-1/
reference_id	USN-4432-1
reference_type
scores
url	https://usn.ubuntu.com/4432-1/

fixed_packages

url	pkg:deb/debian/grub2@2.04-9?distro=trixie
purl	pkg:deb/debian/grub2@2.04-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

purl pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

purl pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie

aliases CVE-2020-15706

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4uv-kcsu-fqbr

url VCID-vuj2-9dc2-bbhv

vulnerability_id VCID-vuj2-9dc2-bbhv

summary

Multiple vulnerabilities have been found in GRUB, the worst might
    allow for circumvention of UEFI Secure Boot.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14308.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14308.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14308

reference_id

reference_type

scores

value	0.00034
scoring_system	epss
scoring_elements	0.09779
published_at	2026-04-01T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.0985
published_at	2026-04-02T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.099
published_at	2026-04-04T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09798
published_at	2026-04-07T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.0987
published_at	2026-04-08T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09922
published_at	2026-04-09T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09928
published_at	2026-04-11T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09891
published_at	2026-04-12T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09875
published_at	2026-04-13T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09758
published_at	2026-04-16T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.0973
published_at	2026-04-18T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09881
published_at	2026-04-21T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09927
published_at	2026-04-24T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09893
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1852009
reference_id	1852009
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1852009

reference_url	https://security.gentoo.org/glsa/202104-05
reference_id	GLSA-202104-05
reference_type
scores
url	https://security.gentoo.org/glsa/202104-05

reference_url	https://access.redhat.com/errata/RHSA-2020:3216
reference_id	RHSA-2020:3216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3216

reference_url	https://access.redhat.com/errata/RHSA-2020:3217
reference_id	RHSA-2020:3217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3217

reference_url	https://access.redhat.com/errata/RHSA-2020:3223
reference_id	RHSA-2020:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3223

reference_url	https://access.redhat.com/errata/RHSA-2020:3227
reference_id	RHSA-2020:3227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3227

reference_url	https://access.redhat.com/errata/RHSA-2020:3271
reference_id	RHSA-2020:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3271

reference_url	https://access.redhat.com/errata/RHSA-2020:3273
reference_id	RHSA-2020:3273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3273

reference_url	https://access.redhat.com/errata/RHSA-2020:3274
reference_id	RHSA-2020:3274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3274

reference_url	https://access.redhat.com/errata/RHSA-2020:3275
reference_id	RHSA-2020:3275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3275

reference_url	https://access.redhat.com/errata/RHSA-2020:3276
reference_id	RHSA-2020:3276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3276

reference_url	https://usn.ubuntu.com/4432-1/
reference_id	USN-4432-1
reference_type
scores
url	https://usn.ubuntu.com/4432-1/

fixed_packages

url	pkg:deb/debian/grub2@2.04-9?distro=trixie
purl	pkg:deb/debian/grub2@2.04-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

purl pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

purl pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie

aliases CVE-2020-14308

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vuj2-9dc2-bbhv

url VCID-wenh-wyf1-m3c1

vulnerability_id VCID-wenh-wyf1-m3c1

summary

Multiple vulnerabilities have been found in GRUB, the worst might
    allow for circumvention of UEFI Secure Boot.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10713.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10713.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10713

reference_id

reference_type

scores

value	0.00259
scoring_system	epss
scoring_elements	0.49207
published_at	2026-04-01T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49238
published_at	2026-04-02T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49266
published_at	2026-04-04T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49218
published_at	2026-04-07T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49272
published_at	2026-04-08T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49269
published_at	2026-04-09T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49287
published_at	2026-04-11T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.4926
published_at	2026-04-12T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49265
published_at	2026-04-13T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49312
published_at	2026-04-16T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49309
published_at	2026-04-18T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49278
published_at	2026-04-21T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49267
published_at	2026-04-24T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49275
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1825243
reference_id	1825243
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1825243

reference_url	https://security.gentoo.org/glsa/202104-05
reference_id	GLSA-202104-05
reference_type
scores
url	https://security.gentoo.org/glsa/202104-05

reference_url	https://access.redhat.com/errata/RHSA-2020:3216
reference_id	RHSA-2020:3216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3216

reference_url	https://access.redhat.com/errata/RHSA-2020:3217
reference_id	RHSA-2020:3217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3217

reference_url	https://access.redhat.com/errata/RHSA-2020:3223
reference_id	RHSA-2020:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3223

reference_url	https://access.redhat.com/errata/RHSA-2020:3227
reference_id	RHSA-2020:3227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3227

reference_url	https://access.redhat.com/errata/RHSA-2020:3271
reference_id	RHSA-2020:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3271

reference_url	https://access.redhat.com/errata/RHSA-2020:3273
reference_id	RHSA-2020:3273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3273

reference_url	https://access.redhat.com/errata/RHSA-2020:3274
reference_id	RHSA-2020:3274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3274

reference_url	https://access.redhat.com/errata/RHSA-2020:3275
reference_id	RHSA-2020:3275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3275

reference_url	https://access.redhat.com/errata/RHSA-2020:3276
reference_id	RHSA-2020:3276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3276

reference_url	https://access.redhat.com/errata/RHSA-2020:4115
reference_id	RHSA-2020:4115
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4115

reference_url	https://access.redhat.com/errata/RHSA-2020:4172
reference_id	RHSA-2020:4172
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4172

reference_url	https://usn.ubuntu.com/4432-1/
reference_id	USN-4432-1
reference_type
scores
url	https://usn.ubuntu.com/4432-1/

fixed_packages

url	pkg:deb/debian/grub2@2.04-9?distro=trixie
purl	pkg:deb/debian/grub2@2.04-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

purl pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

purl pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie

aliases CVE-2020-10713

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wenh-wyf1-m3c1

url VCID-zqvy-2txw-9uhz

vulnerability_id VCID-zqvy-2txw-9uhz

summary

Multiple vulnerabilities have been found in GRUB, the worst might
    allow for circumvention of UEFI Secure Boot.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14311.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14311.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14311

reference_id

reference_type

scores

value	0.00032
scoring_system	epss
scoring_elements	0.09061
published_at	2026-04-01T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09065
published_at	2026-04-02T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09118
published_at	2026-04-04T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09037
published_at	2026-04-07T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09117
published_at	2026-04-08T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09145
published_at	2026-04-09T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09147
published_at	2026-04-11T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09115
published_at	2026-04-12T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.091
published_at	2026-04-13T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.08996
published_at	2026-04-16T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.08975
published_at	2026-04-18T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09132
published_at	2026-04-21T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09173
published_at	2026-04-24T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09116
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1852014
reference_id	1852014
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1852014

reference_url	https://security.gentoo.org/glsa/202104-05
reference_id	GLSA-202104-05
reference_type
scores
url	https://security.gentoo.org/glsa/202104-05

reference_url	https://access.redhat.com/errata/RHSA-2020:3216
reference_id	RHSA-2020:3216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3216

reference_url	https://access.redhat.com/errata/RHSA-2020:3217
reference_id	RHSA-2020:3217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3217

reference_url	https://access.redhat.com/errata/RHSA-2020:3223
reference_id	RHSA-2020:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3223

reference_url	https://access.redhat.com/errata/RHSA-2020:3227
reference_id	RHSA-2020:3227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3227

reference_url	https://access.redhat.com/errata/RHSA-2020:3271
reference_id	RHSA-2020:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3271

reference_url	https://access.redhat.com/errata/RHSA-2020:3273
reference_id	RHSA-2020:3273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3273

reference_url	https://access.redhat.com/errata/RHSA-2020:3274
reference_id	RHSA-2020:3274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3274

reference_url	https://access.redhat.com/errata/RHSA-2020:3275
reference_id	RHSA-2020:3275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3275

reference_url	https://access.redhat.com/errata/RHSA-2020:3276
reference_id	RHSA-2020:3276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3276

reference_url	https://usn.ubuntu.com/4432-1/
reference_id	USN-4432-1
reference_type
scores
url	https://usn.ubuntu.com/4432-1/

fixed_packages

url	pkg:deb/debian/grub2@2.04-9?distro=trixie
purl	pkg:deb/debian/grub2@2.04-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

purl pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

purl pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie

aliases CVE-2020-14311

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zqvy-2txw-9uhz

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie

Package Instance