Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/grub2@2.06-3~deb11u6

Type deb

Namespace debian

Name grub2

Version 2.06-3~deb11u6

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.12-1~bpo12+1

Latest_non_vulnerable_version 2.14-2

Affected_by_vulnerabilities

url VCID-1tdk-6d8a-m7h8

vulnerability_id VCID-1tdk-6d8a-m7h8

summary grub2: Missing unregister call for gettext command may lead to use-after-free

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61662.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61662.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-61662

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.0151
published_at	2026-04-09T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01495
published_at	2026-04-13T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01502
published_at	2026-04-11T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01506
published_at	2026-04-08T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01494
published_at	2026-04-12T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01664
published_at	2026-04-16T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01668
published_at	2026-04-18T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01757
published_at	2026-04-21T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01768
published_at	2026-04-24T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01762
published_at	2026-04-26T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01492
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04241
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-61662

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61662
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61662

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968
reference_id	1120968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2414683

reference_id

2414683

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2414683

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id	cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id	cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
reference_id	cpe:/a:redhat:openshift:4.19::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
reference_id	cpe:/o:redhat:enterprise_linux:10.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0
reference_id	cpe:/o:redhat:enterprise_linux_eus:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-61662

reference_id

CVE-2025-61662

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/security/cve/CVE-2025-61662

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html

reference_id

msg00155.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html

reference_url

https://access.redhat.com/errata/RHSA-2026:10097

reference_id

RHSA-2026:10097

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:10097

reference_url

https://access.redhat.com/errata/RHSA-2026:4648

reference_id

RHSA-2026:4648

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4648

reference_url

https://access.redhat.com/errata/RHSA-2026:4649

reference_id

RHSA-2026:4649

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4649

reference_url

https://access.redhat.com/errata/RHSA-2026:4652

reference_id

RHSA-2026:4652

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4652

reference_url

https://access.redhat.com/errata/RHSA-2026:4653

reference_id

RHSA-2026:4653

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4653

reference_url

https://access.redhat.com/errata/RHSA-2026:4654

reference_id

RHSA-2026:4654

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4654

reference_url

https://access.redhat.com/errata/RHSA-2026:4760

reference_id

RHSA-2026:4760

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4760

reference_url

https://access.redhat.com/errata/RHSA-2026:4822

reference_id

RHSA-2026:4822

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4822

reference_url

https://access.redhat.com/errata/RHSA-2026:4823

reference_id

RHSA-2026:4823

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4823

reference_url

https://access.redhat.com/errata/RHSA-2026:4830

reference_id

RHSA-2026:4830

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4830

reference_url

https://access.redhat.com/errata/RHSA-2026:4900

reference_id

RHSA-2026:4900

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4900

reference_url

https://access.redhat.com/errata/RHSA-2026:4998

reference_id

RHSA-2026:4998

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:4998

reference_url

https://access.redhat.com/errata/RHSA-2026:5074

reference_id

RHSA-2026:5074

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:5074

reference_url

https://access.redhat.com/errata/RHSA-2026:5127

reference_id

RHSA-2026:5127

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:5127

reference_url

https://access.redhat.com/errata/RHSA-2026:5233

reference_id

RHSA-2026:5233

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:5233

reference_url

https://access.redhat.com/errata/RHSA-2026:6492

reference_id

RHSA-2026:6492

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:6492

reference_url

https://access.redhat.com/errata/RHSA-2026:7239

reference_id

RHSA-2026:7239

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:7239

reference_url

https://access.redhat.com/errata/RHSA-2026:7243

reference_id

RHSA-2026:7243

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/

url

https://access.redhat.com/errata/RHSA-2026:7243

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

url	pkg:deb/debian/grub2@2.14-2
purl	pkg:deb/debian/grub2@2.14-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2

aliases CVE-2025-61662

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1tdk-6d8a-m7h8

url VCID-1vtj-un1a-afax

vulnerability_id VCID-1vtj-un1a-afax

summary grub2: jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0685.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0685.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0685

reference_id

reference_type

scores

value	0.00058
scoring_system	epss
scoring_elements	0.17962
published_at	2026-04-29T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18329
published_at	2026-04-02T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18116
published_at	2026-04-21T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18023
published_at	2026-04-24T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18
published_at	2026-04-26T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18384
published_at	2026-04-04T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18085
published_at	2026-04-18T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18169
published_at	2026-04-08T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18223
published_at	2026-04-09T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18227
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.1818
published_at	2026-04-12T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18129
published_at	2026-04-13T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18073
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0685

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346120

reference_id

2346120

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:13:24Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346120

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-0685

reference_id

CVE-2025-0685

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:13:24Z/

url

https://access.redhat.com/security/cve/CVE-2025-0685

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0685

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1vtj-un1a-afax

url VCID-29d7-asmu-e7ev

vulnerability_id VCID-29d7-asmu-e7ev

summary Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3981.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3981.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3981

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06521
published_at	2026-04-01T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06586
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06621
published_at	2026-04-04T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.066
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06649
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06692
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06691
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06684
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06675
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06604
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06596
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06754
published_at	2026-04-21T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06736
published_at	2026-04-24T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06745
published_at	2026-04-26T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06738
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3981

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3981
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3981

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001414
reference_id	1001414
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001414

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2024170
reference_id	2024170
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2024170

reference_url	https://security.gentoo.org/glsa/202209-12
reference_id	GLSA-202209-12
reference_type
scores
url	https://security.gentoo.org/glsa/202209-12

reference_url	https://access.redhat.com/errata/RHSA-2022:2110
reference_id	RHSA-2022:2110
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2110

reference_url	https://usn.ubuntu.com/6355-1/
reference_id	USN-6355-1
reference_type
scores
url	https://usn.ubuntu.com/6355-1/

fixed_packages

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u1

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1

aliases CVE-2021-3981

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29d7-asmu-e7ev

url VCID-3vhv-ya75-cuhc

vulnerability_id VCID-3vhv-ya75-cuhc

summary grub2: command/gpg: Use-after-free due to hooks not being removed on module unload

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0622.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0622.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0622

reference_id

reference_type

scores

value	6e-05
scoring_system	epss
scoring_elements	0.00286
published_at	2026-04-08T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00288
published_at	2026-04-07T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00299
published_at	2026-04-02T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.0028
published_at	2026-04-16T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00282
published_at	2026-04-13T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00283
published_at	2026-04-18T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00285
published_at	2026-04-11T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00297
published_at	2026-04-04T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.0063
published_at	2026-04-24T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00632
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0622

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2345865

reference_id

2345865

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2345865

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-0622

reference_id

CVE-2025-0622

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/

url

https://access.redhat.com/security/cve/CVE-2025-0622

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_url

https://access.redhat.com/errata/RHSA-2025:16154

reference_id

RHSA-2025:16154

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/

url

https://access.redhat.com/errata/RHSA-2025:16154

reference_url

https://access.redhat.com/errata/RHSA-2025:6990

reference_id

RHSA-2025:6990

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/

url

https://access.redhat.com/errata/RHSA-2025:6990

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0622

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3vhv-ya75-cuhc

url VCID-53x3-83by-gueq

vulnerability_id VCID-53x3-83by-gueq

summary grub2: Use-after-free in grub_file_close()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54771.json

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54771.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-54771

reference_id

reference_type

scores

value	0.00014
scoring_system	epss
scoring_elements	0.02629
published_at	2026-04-21T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02519
published_at	2026-04-18T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02605
published_at	2026-04-26T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02617
published_at	2026-04-24T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02767
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04023
published_at	2026-04-29T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08449
published_at	2026-04-08T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08467
published_at	2026-04-09T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08462
published_at	2026-04-11T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08442
published_at	2026-04-12T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08427
published_at	2026-04-13T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08378
published_at	2026-04-07T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08458
published_at	2026-04-04T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08405
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-54771

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54771
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54771

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968
reference_id	1120968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2413823

reference_id

2413823

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:17:17Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2413823

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-54771

reference_id

CVE-2025-54771

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:17:17Z/

url

https://access.redhat.com/security/cve/CVE-2025-54771

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

url	pkg:deb/debian/grub2@2.14-2
purl	pkg:deb/debian/grub2@2.14-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2

aliases CVE-2025-54771

risk_score 2.2

exploitability 0.5

weighted_severity 4.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53x3-83by-gueq

url VCID-5a7e-ctj7-dqab

vulnerability_id VCID-5a7e-ctj7-dqab

summary grub2: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0677.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0677.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0677

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07795
published_at	2026-04-04T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07751
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07753
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07813
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0783
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07825
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07812
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07798
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07712
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07688
published_at	2026-04-18T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09963
published_at	2026-04-29T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.10062
published_at	2026-04-21T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.1004
published_at	2026-04-24T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.1002
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0677

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0677
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0677

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346116

reference_id

2346116

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346116

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-0677

reference_id

CVE-2025-0677

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/

url

https://access.redhat.com/security/cve/CVE-2025-0677

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_url

https://access.redhat.com/errata/RHSA-2025:16154

reference_id

RHSA-2025:16154

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/

url

https://access.redhat.com/errata/RHSA-2025:16154

reference_url

https://access.redhat.com/errata/RHSA-2025:6990

reference_id

RHSA-2025:6990

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/

url

https://access.redhat.com/errata/RHSA-2025:6990

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0677

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5a7e-ctj7-dqab

url VCID-5m3u-p8q4-kfhx

vulnerability_id VCID-5m3u-p8q4-kfhx

summary grub2: commands/extcmd: Missing check for failed allocation

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45775.json

reference_id

reference_type

scores

value	5.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45775.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45775

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.07815
published_at	2026-04-29T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.0791
published_at	2026-04-21T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07871
published_at	2026-04-24T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07839
published_at	2026-04-26T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07821
published_at	2026-04-02T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07868
published_at	2026-04-04T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07822
published_at	2026-04-07T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.0788
published_at	2026-04-08T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07905
published_at	2026-04-09T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07892
published_at	2026-04-11T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07879
published_at	2026-04-12T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07866
published_at	2026-04-13T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07781
published_at	2026-04-16T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07757
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45775

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2337481

reference_id

2337481

reference_type

scores

value	5.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:30Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2337481

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2024-45775

reference_id

CVE-2024-45775

reference_type

scores

value	5.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:30Z/

url

https://access.redhat.com/security/cve/CVE-2024-45775

reference_url

https://access.redhat.com/errata/RHSA-2025:6990

reference_id

RHSA-2025:6990

reference_type

scores

value	5.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:30Z/

url

https://access.redhat.com/errata/RHSA-2025:6990

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45775

risk_score 2.4

exploitability 0.5

weighted_severity 4.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5m3u-p8q4-kfhx

url VCID-5m6c-h4j2-mqcg

vulnerability_id VCID-5m6c-h4j2-mqcg

summary grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45777.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45777.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45777

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06434
published_at	2026-04-29T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06385
published_at	2026-04-21T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06399
published_at	2026-04-24T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06424
published_at	2026-04-26T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06195
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06226
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06207
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06249
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0629
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06277
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06266
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06225
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06236
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45777

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346343

reference_id

2346343

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:38:37Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346343

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2024-45777

reference_id

CVE-2024-45777

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:38:37Z/

url

https://access.redhat.com/security/cve/CVE-2024-45777

reference_url

https://access.redhat.com/errata/RHSA-2025:20532

reference_id

RHSA-2025:20532

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:38:37Z/

url

https://access.redhat.com/errata/RHSA-2025:20532

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45777

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5m6c-h4j2-mqcg

url VCID-5vyx-ut4z-jucd

vulnerability_id VCID-5vyx-ut4z-jucd

summary grub2: udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0689.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0689.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0689

reference_id

reference_type

scores

value	0.00077
scoring_system	epss
scoring_elements	0.22879
published_at	2026-04-29T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23204
published_at	2026-04-02T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23102
published_at	2026-04-16T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23094
published_at	2026-04-18T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23056
published_at	2026-04-21T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22887
published_at	2026-04-24T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22882
published_at	2026-04-26T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23248
published_at	2026-04-04T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23038
published_at	2026-04-07T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23111
published_at	2026-04-08T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23164
published_at	2026-04-09T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23184
published_at	2026-04-11T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23146
published_at	2026-04-12T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23088
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0689

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0689
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0689

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346122

reference_id

2346122

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:08:10Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346122

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-0689

reference_id

CVE-2025-0689

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:08:10Z/

url

https://access.redhat.com/security/cve/CVE-2025-0689

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:08:10Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0689

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5vyx-ut4z-jucd

url VCID-6cpn-v8j3-7ub3

vulnerability_id VCID-6cpn-v8j3-7ub3

summary grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write and Read.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45776.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45776.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45776

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06434
published_at	2026-04-29T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06385
published_at	2026-04-21T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06399
published_at	2026-04-24T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06424
published_at	2026-04-26T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06195
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06226
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06207
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06249
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0629
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06277
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06266
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06225
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06236
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45776

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2339182

reference_id

2339182

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:26Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2339182

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2024-45776

reference_id

CVE-2024-45776

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:26Z/

url

https://access.redhat.com/security/cve/CVE-2024-45776

reference_url

https://access.redhat.com/errata/RHSA-2025:16154

reference_id

RHSA-2025:16154

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:26Z/

url

https://access.redhat.com/errata/RHSA-2025:16154

reference_url

https://access.redhat.com/errata/RHSA-2025:6990

reference_id

RHSA-2025:6990

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:26Z/

url

https://access.redhat.com/errata/RHSA-2025:6990

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45776

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6cpn-v8j3-7ub3

url VCID-6tg5-6gjc-nygy

vulnerability_id VCID-6tg5-6gjc-nygy

summary grub2: read: Integer overflow may lead to out-of-bounds write

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0690.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0690.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0690

reference_id

reference_type

scores

value	7e-05
scoring_system	epss
scoring_elements	0.00487
published_at	2026-04-29T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00475
published_at	2026-04-02T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00456
published_at	2026-04-13T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00454
published_at	2026-04-16T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.0046
published_at	2026-04-18T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00491
published_at	2026-04-21T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00488
published_at	2026-04-26T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00471
published_at	2026-04-04T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00467
published_at	2026-04-07T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00464
published_at	2026-04-08T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00461
published_at	2026-04-11T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00457
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0690

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346123

reference_id

2346123

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T11:17:51Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346123

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-0690

reference_id

CVE-2025-0690

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T11:17:51Z/

url

https://access.redhat.com/security/cve/CVE-2025-0690

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T11:17:51Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_url

https://access.redhat.com/errata/RHSA-2025:6990

reference_id

RHSA-2025:6990

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T11:17:51Z/

url

https://access.redhat.com/errata/RHSA-2025:6990

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0690

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6tg5-6gjc-nygy

url VCID-6vxc-35x2-3fek

vulnerability_id VCID-6vxc-35x2-3fek

summary grub2: fs/bfs: Integer overflow in the BFS parser.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45778.json

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45778.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45778

reference_id

reference_type

scores

value	0.00013
scoring_system	epss
scoring_elements	0.0231
published_at	2026-04-29T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02288
published_at	2026-04-21T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02271
published_at	2026-04-24T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02263
published_at	2026-04-26T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04351
published_at	2026-04-18T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04331
published_at	2026-04-02T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04352
published_at	2026-04-04T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04363
published_at	2026-04-07T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04395
published_at	2026-04-08T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04411
published_at	2026-04-09T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04406
published_at	2026-04-11T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04391
published_at	2026-04-12T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04375
published_at	2026-04-13T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04342
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45778

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2345640

reference_id

2345640

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T16:17:31Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2345640

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2024-45778

reference_id

CVE-2024-45778

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T16:17:31Z/

url

https://access.redhat.com/security/cve/CVE-2024-45778

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	4.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T16:17:31Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45778

risk_score 1.9

exploitability 0.5

weighted_severity 3.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6vxc-35x2-3fek

url VCID-c2vg-36gb-bqas

vulnerability_id VCID-c2vg-36gb-bqas

summary grub2: Missing unregister call for normal_exit command may lead to use-after-free

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61664.json

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61664.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-61664

reference_id

reference_type

scores

value	0.00015
scoring_system	epss
scoring_elements	0.03118
published_at	2026-04-21T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02997
published_at	2026-04-18T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03105
published_at	2026-04-26T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03115
published_at	2026-04-24T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03326
published_at	2026-04-16T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04629
published_at	2026-04-29T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06563
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06605
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06599
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06591
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06582
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06513
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06522
published_at	2026-04-04T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06484
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-61664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61664
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61664

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968
reference_id	1120968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2414685

reference_id

2414685

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:28:39Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2414685

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-61664

reference_id

CVE-2025-61664

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:28:39Z/

url

https://access.redhat.com/security/cve/CVE-2025-61664

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

url	pkg:deb/debian/grub2@2.14-2
purl	pkg:deb/debian/grub2@2.14-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2

aliases CVE-2025-61664

risk_score 2.2

exploitability 0.5

weighted_severity 4.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2vg-36gb-bqas

url VCID-dn64-5ysd-yfer

vulnerability_id VCID-dn64-5ysd-yfer

summary grub2: heap-based buffer overflow

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56737.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56737.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-56737

reference_id

reference_type

scores

value	0.00149
scoring_system	epss
scoring_elements	0.3508
published_at	2026-04-29T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35418
published_at	2026-04-21T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35182
published_at	2026-04-24T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.3516
published_at	2026-04-26T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35518
published_at	2026-04-02T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35543
published_at	2026-04-04T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35425
published_at	2026-04-07T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35471
published_at	2026-04-08T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35496
published_at	2026-04-09T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35506
published_at	2026-04-11T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35463
published_at	2026-04-12T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35441
published_at	2026-04-13T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35481
published_at	2026-04-16T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.3547
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-56737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56737

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2334772
reference_id	2334772
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2334772

reference_url

https://savannah.gnu.org/bugs/?66599

reference_id

?66599

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-31T18:16:13Z/

url

https://savannah.gnu.org/bugs/?66599

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-56737

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dn64-5ysd-yfer

url VCID-gaet-924c-57dv

vulnerability_id VCID-gaet-924c-57dv

summary grub2: Use-after-free in net_set_vlan

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54770.json

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54770.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-54770

reference_id

reference_type

scores

value	0.00014
scoring_system	epss
scoring_elements	0.02629
published_at	2026-04-21T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02519
published_at	2026-04-18T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02605
published_at	2026-04-26T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02617
published_at	2026-04-24T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.02767
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04023
published_at	2026-04-29T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08449
published_at	2026-04-08T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08467
published_at	2026-04-09T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08462
published_at	2026-04-11T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08442
published_at	2026-04-12T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08427
published_at	2026-04-13T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08378
published_at	2026-04-07T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08458
published_at	2026-04-04T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08405
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-54770

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54770
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54770

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968
reference_id	1120968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2413813

reference_id

2413813

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:33:53Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2413813

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-54770

reference_id

CVE-2025-54770

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:33:53Z/

url

https://access.redhat.com/security/cve/CVE-2025-54770

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

url	pkg:deb/debian/grub2@2.14-2
purl	pkg:deb/debian/grub2@2.14-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2

aliases CVE-2025-54770

risk_score 2.2

exploitability 0.5

weighted_severity 4.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gaet-924c-57dv

url VCID-h2ca-d9yc-vbex

vulnerability_id VCID-h2ca-d9yc-vbex

summary grub2: fs/hfs: Integer overflow may lead to heap based out-of-bounds write

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1125.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1125.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1125

reference_id

reference_type

scores

value	0.00063
scoring_system	epss
scoring_elements	0.1934
published_at	2026-04-29T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19709
published_at	2026-04-02T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19476
published_at	2026-04-16T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19484
published_at	2026-04-18T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19496
published_at	2026-04-21T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19388
published_at	2026-04-24T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19379
published_at	2026-04-26T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19757
published_at	2026-04-04T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19482
published_at	2026-04-07T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19561
published_at	2026-04-08T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19613
published_at	2026-04-09T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19617
published_at	2026-04-11T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19569
published_at	2026-04-12T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19511
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1125

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1125
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1125

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346138

reference_id

2346138

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:11:35Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346138

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-1125

reference_id

CVE-2025-1125

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:11:35Z/

url

https://access.redhat.com/security/cve/CVE-2025-1125

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:11:35Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-1125

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h2ca-d9yc-vbex

url VCID-hn4b-sdcq-j3bx

vulnerability_id VCID-hn4b-sdcq-j3bx

summary grub2: commands/dump: The dump command is not in lockdown when secure boot is enabled

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1118.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1118.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-1118

reference_id

reference_type

scores

value	0.00017
scoring_system	epss
scoring_elements	0.03929
published_at	2026-04-04T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0392
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03941
published_at	2026-04-07T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03947
published_at	2026-04-08T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0397
published_at	2026-04-09T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03938
published_at	2026-04-11T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03921
published_at	2026-04-12T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03892
published_at	2026-04-13T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03871
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03881
published_at	2026-04-18T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.0476
published_at	2026-04-24T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04796
published_at	2026-04-26T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04819
published_at	2026-04-29T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04723
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-1118

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1118

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346137

reference_id

2346137

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346137

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-1118

reference_id

CVE-2025-1118

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/

url

https://access.redhat.com/security/cve/CVE-2025-1118

reference_url

https://git.savannah.gnu.org/cgit/grub.git/commit/?id=34824806ac6302f91e8cabaa41308eaced25725f

reference_id

?id=34824806ac6302f91e8cabaa41308eaced25725f

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/

url

https://git.savannah.gnu.org/cgit/grub.git/commit/?id=34824806ac6302f91e8cabaa41308eaced25725f

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_url

https://access.redhat.com/errata/RHSA-2025:16154

reference_id

RHSA-2025:16154

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/

url

https://access.redhat.com/errata/RHSA-2025:16154

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-1118

risk_score 2.0

exploitability 0.5

weighted_severity 4.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hn4b-sdcq-j3bx

url VCID-nphq-62t2-b7bk

vulnerability_id VCID-nphq-62t2-b7bk

summary grub2: reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0684.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0684.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0684

reference_id

reference_type

scores

value	0.00026
scoring_system	epss
scoring_elements	0.07081
published_at	2026-04-29T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.06999
published_at	2026-04-02T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07148
published_at	2026-04-21T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07115
published_at	2026-04-24T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07121
published_at	2026-04-26T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07052
published_at	2026-04-04T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07032
published_at	2026-04-07T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07086
published_at	2026-04-08T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07117
published_at	2026-04-09T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07116
published_at	2026-04-11T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07105
published_at	2026-04-12T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07095
published_at	2026-04-13T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07031
published_at	2026-04-16T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07016
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0684

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346119

reference_id

2346119

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:14:33Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346119

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-0684

reference_id

CVE-2025-0684

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:14:33Z/

url

https://access.redhat.com/security/cve/CVE-2025-0684

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0684

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nphq-62t2-b7bk

url VCID-pjq7-bxwk-uqec

vulnerability_id VCID-pjq7-bxwk-uqec

summary grub2: fs/hfs+: refcount can be decremented twice

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45783.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45783.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45783

reference_id

reference_type

scores

value	0.00016
scoring_system	epss
scoring_elements	0.03836
published_at	2026-04-29T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03777
published_at	2026-04-21T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03784
published_at	2026-04-24T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03787
published_at	2026-04-26T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03707
published_at	2026-04-02T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03718
published_at	2026-04-04T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03732
published_at	2026-04-07T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03735
published_at	2026-04-08T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03758
published_at	2026-04-09T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03717
published_at	2026-04-11T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03694
published_at	2026-04-12T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03668
published_at	2026-04-13T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03645
published_at	2026-04-16T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03655
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45783

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2345863

reference_id

2345863

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:27Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2345863

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2024-45783

reference_id

CVE-2024-45783

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:27Z/

url

https://access.redhat.com/security/cve/CVE-2024-45783

reference_url

https://access.redhat.com/errata/RHSA-2025:6990

reference_id

RHSA-2025:6990

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:27Z/

url

https://access.redhat.com/errata/RHSA-2025:6990

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45783

risk_score 2.0

exploitability 0.5

weighted_severity 4.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pjq7-bxwk-uqec

url VCID-s86w-7czc-s3a9

vulnerability_id VCID-s86w-7czc-s3a9

summary grub2: reader/jpeg: Heap OOB Write during JPEG parsing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45774.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45774.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45774

reference_id

reference_type

scores

value	4e-05
scoring_system	epss
scoring_elements	0.00157
published_at	2026-04-29T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00156
published_at	2026-04-18T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00155
published_at	2026-04-13T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00154
published_at	2026-04-08T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00158
published_at	2026-04-21T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.0016
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45774

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45774
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45774

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2337461

reference_id

2337461

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T18:54:05Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2337461

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2024-45774

reference_id

CVE-2024-45774

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T18:54:05Z/

url

https://access.redhat.com/security/cve/CVE-2024-45774

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T18:54:05Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_url

https://access.redhat.com/errata/RHSA-2025:6990

reference_id

RHSA-2025:6990

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T18:54:05Z/

url

https://access.redhat.com/errata/RHSA-2025:6990

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45774

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s86w-7czc-s3a9

url VCID-sub1-vd8w-dka7

vulnerability_id VCID-sub1-vd8w-dka7

summary grub2: net: Out-of-bounds write in grub_net_search_config_file()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0624.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0624.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0624

reference_id

reference_type

scores

value	0.00793
scoring_system	epss
scoring_elements	0.7394
published_at	2026-04-12T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73893
published_at	2026-04-02T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73982
published_at	2026-04-18T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73973
published_at	2026-04-16T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73917
published_at	2026-04-04T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73888
published_at	2026-04-07T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73923
published_at	2026-04-08T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73936
published_at	2026-04-09T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73958
published_at	2026-04-11T12:55:00Z

value	0.00793
scoring_system	epss
scoring_elements	0.73932
published_at	2026-04-13T12:55:00Z

value	0.00815
scoring_system	epss
scoring_elements	0.74372
published_at	2026-04-29T12:55:00Z

value	0.00815
scoring_system	epss
scoring_elements	0.74331
published_at	2026-04-21T12:55:00Z

value	0.00815
scoring_system	epss
scoring_elements	0.74365
published_at	2026-04-24T12:55:00Z

value	0.00815
scoring_system	epss
scoring_elements	0.74373
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0624

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346112

reference_id

2346112

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id	cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el9
reference_id	cpe:/a:redhat:openshift:4.12::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id	cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id	cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id	cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id	cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id	cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-0624

reference_id

CVE-2025-0624

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/security/cve/CVE-2025-0624

reference_url

https://access.redhat.com/errata/RHSA-2025:2521

reference_id

RHSA-2025:2521

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:2521

reference_url

https://access.redhat.com/errata/RHSA-2025:2653

reference_id

RHSA-2025:2653

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:2653

reference_url

https://access.redhat.com/errata/RHSA-2025:2655

reference_id

RHSA-2025:2655

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:2655

reference_url

https://access.redhat.com/errata/RHSA-2025:2675

reference_id

RHSA-2025:2675

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:2675

reference_url

https://access.redhat.com/errata/RHSA-2025:2784

reference_id

RHSA-2025:2784

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:2784

reference_url

https://access.redhat.com/errata/RHSA-2025:2799

reference_id

RHSA-2025:2799

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:2799

reference_url

https://access.redhat.com/errata/RHSA-2025:2867

reference_id

RHSA-2025:2867

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:2867

reference_url

https://access.redhat.com/errata/RHSA-2025:2869

reference_id

RHSA-2025:2869

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:2869

reference_url

https://access.redhat.com/errata/RHSA-2025:3367

reference_id

RHSA-2025:3367

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:3367

reference_url

https://access.redhat.com/errata/RHSA-2025:3396

reference_id

RHSA-2025:3396

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:3396

reference_url

https://access.redhat.com/errata/RHSA-2025:3780

reference_id

RHSA-2025:3780

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:3780

reference_url

https://access.redhat.com/errata/RHSA-2025:4422

reference_id

RHSA-2025:4422

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:4422

reference_url

https://access.redhat.com/errata/RHSA-2025:7702

reference_id

RHSA-2025:7702

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/

url

https://access.redhat.com/errata/RHSA-2025:7702

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0624

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sub1-vd8w-dka7

url VCID-swtj-9pmu-4ugn

vulnerability_id VCID-swtj-9pmu-4ugn

summary grub2: grub allow access to encrypted device through CLI once root device is unlocked via TPM

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4382.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4382.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4382

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.21994
published_at	2026-04-29T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22328
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22213
published_at	2026-04-16T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22207
published_at	2026-04-18T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22161
published_at	2026-04-21T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22021
published_at	2026-04-24T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22007
published_at	2026-04-26T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22373
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22157
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.2224
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22293
published_at	2026-04-09T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22313
published_at	2026-04-11T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22271
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22212
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4382

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4382
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4382

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105108
reference_id	1105108
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105108

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2364416

reference_id

2364416

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2364416

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-4382

reference_id

CVE-2025-4382

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/

url

https://access.redhat.com/security/cve/CVE-2025-4382

reference_url

https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=blobdiff;f=grub-core/kern/rescue_reader.c;h=a71ada8fb7da2eae6ee7135fe234fb1755ca78b0;hp=4259857ba9eea45446bc40ea13c3de4ab1b88ffd;hb=c448f511e74cb7c776b314fcb7943f98d3f22b6d;hpb=4abac0ad5a7914dd3cdfff08aaac06588bf98d80

reference_id

rescue_reader.c;h=a71ada8fb7da2eae6ee7135fe234fb1755ca78b0;hp=4259857ba9eea45446bc40ea13c3de4ab1b88ffd;hb=c448f511e74cb7c776b314fcb7943f98d3f22b6d;hpb=4abac0ad5a7914dd3cdfff08aaac06588bf98d80

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/

url

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

url pkg:deb/debian/grub2@2.14~git20250718.0e36779-2

purl pkg:deb/debian/grub2@2.14~git20250718.0e36779-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2

url	pkg:deb/debian/grub2@2.14-2
purl	pkg:deb/debian/grub2@2.14-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2

aliases CVE-2025-4382

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-swtj-9pmu-4ugn

url VCID-tkur-tbms-zkcz

vulnerability_id VCID-tkur-tbms-zkcz

summary grub2: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0678.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0678.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0678

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07529
published_at	2026-04-29T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07511
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07638
published_at	2026-04-21T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07585
published_at	2026-04-24T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07562
published_at	2026-04-26T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07551
published_at	2026-04-04T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07533
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07592
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07612
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0761
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07598
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07584
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07509
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07496
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0678

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346118

reference_id

2346118

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:15:54Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346118

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-0678

reference_id

CVE-2025-0678

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:15:54Z/

url

https://access.redhat.com/security/cve/CVE-2025-0678

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0678

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tkur-tbms-zkcz

url VCID-ur99-cm1x-cfdm

vulnerability_id VCID-ur99-cm1x-cfdm

summary grub2: Missing unregister call for normal commands may lead to use-after-free

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61663.json

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61663.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-61663

reference_id

reference_type

scores

value	0.00019
scoring_system	epss
scoring_elements	0.05204
published_at	2026-04-21T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05056
published_at	2026-04-18T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05277
published_at	2026-04-26T12:55:00Z

value	0.00019
scoring_system	epss
scoring_elements	0.05235
published_at	2026-04-24T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.0531
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06303
published_at	2026-04-29T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08943
published_at	2026-04-08T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08972
published_at	2026-04-09T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08968
published_at	2026-04-11T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08934
published_at	2026-04-12T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08921
published_at	2026-04-13T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08867
published_at	2026-04-07T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08935
published_at	2026-04-04T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08884
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-61663

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61663
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61663

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968
reference_id	1120968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2414684

reference_id

2414684

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:27:28Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2414684

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-61663

reference_id

CVE-2025-61663

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:27:28Z/

url

https://access.redhat.com/security/cve/CVE-2025-61663

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

url	pkg:deb/debian/grub2@2.14-2
purl	pkg:deb/debian/grub2@2.14-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2

aliases CVE-2025-61663

risk_score 2.2

exploitability 0.5

weighted_severity 4.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ur99-cm1x-cfdm

url VCID-wy3p-p9zf-r7ef

vulnerability_id VCID-wy3p-p9zf-r7ef

summary grub2: grub2: Out-of-bounds write via malicious USB device

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61661.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61661.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-61661

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06666
published_at	2026-04-21T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06514
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06689
published_at	2026-04-26T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06676
published_at	2026-04-24T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06892
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07474
published_at	2026-04-29T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.1179
published_at	2026-04-08T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11843
published_at	2026-04-09T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11853
published_at	2026-04-11T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11814
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11787
published_at	2026-04-13T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11707
published_at	2026-04-07T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11921
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11876
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-61661

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61661
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61661

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968
reference_id	1120968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2413827

reference_id

2413827

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:18:04Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2413827

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-61661

reference_id

CVE-2025-61661

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:18:04Z/

url

https://access.redhat.com/security/cve/CVE-2025-61661

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

url	pkg:deb/debian/grub2@2.14-2
purl	pkg:deb/debian/grub2@2.14-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2

aliases CVE-2025-61661

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wy3p-p9zf-r7ef

url VCID-x57b-4ggt-5qdf

vulnerability_id VCID-x57b-4ggt-5qdf

summary grub2: fs/tar: Integer Overflow causes Heap OOB Write

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45780.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45780.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45780

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06434
published_at	2026-04-29T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06225
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06236
published_at	2026-04-18T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06385
published_at	2026-04-21T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06399
published_at	2026-04-24T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06424
published_at	2026-04-26T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06195
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06226
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06207
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06249
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0629
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06277
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06266
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45780

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45780
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45780

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2345856

reference_id

2345856

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:07:37Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2345856

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2024-45780

reference_id

CVE-2024-45780

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:07:37Z/

url

https://access.redhat.com/security/cve/CVE-2024-45780

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:07:37Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45780

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x57b-4ggt-5qdf

url VCID-xamt-2k26-p3ev

vulnerability_id VCID-xamt-2k26-p3ev

summary grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45782.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45782.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45782

reference_id

reference_type

scores

value	9e-05
scoring_system	epss
scoring_elements	0.00911
published_at	2026-04-29T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00909
published_at	2026-04-21T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00912
published_at	2026-04-24T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00916
published_at	2026-04-26T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00866
published_at	2026-04-04T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00868
published_at	2026-04-07T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00872
published_at	2026-04-08T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.0087
published_at	2026-04-09T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00859
published_at	2026-04-11T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00852
published_at	2026-04-12T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00854
published_at	2026-04-13T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00853
published_at	2026-04-16T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.0086
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45782

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2345858

reference_id

2345858

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:16:37Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2345858

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2024-45782

reference_id

CVE-2024-45782

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:16:37Z/

url

https://access.redhat.com/security/cve/CVE-2024-45782

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45782

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xamt-2k26-p3ev

url VCID-xjtf-q3gz-7ug8

vulnerability_id VCID-xjtf-q3gz-7ug8

summary grub2: fs/bfs: Integer overflow leads to Heap OOB Read in the BFS parser

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45779.json

reference_id

reference_type

scores

value	6.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45779.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45779

reference_id

reference_type

scores

value	0.00017
scoring_system	epss
scoring_elements	0.04112
published_at	2026-04-29T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03911
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03923
published_at	2026-04-18T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04045
published_at	2026-04-21T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0406
published_at	2026-04-24T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04079
published_at	2026-04-26T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03954
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03969
published_at	2026-04-04T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03982
published_at	2026-04-07T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03988
published_at	2026-04-08T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.04006
published_at	2026-04-09T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03976
published_at	2026-04-11T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0396
published_at	2026-04-12T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0393
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45779

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2345854

reference_id

2345854

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T15:05:17Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2345854

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2024-45779

reference_id

CVE-2024-45779

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T15:05:17Z/

url

https://access.redhat.com/security/cve/CVE-2024-45779

reference_url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T15:05:17Z/

url

https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45779

risk_score 2.7

exploitability 0.5

weighted_severity 5.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xjtf-q3gz-7ug8

url VCID-ymw1-gk3r-kfhz

vulnerability_id VCID-ymw1-gk3r-kfhz

summary grub2: romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dat

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0686.json

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0686.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0686

reference_id

reference_type

scores

value	0.00058
scoring_system	epss
scoring_elements	0.17962
published_at	2026-04-29T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18329
published_at	2026-04-02T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18116
published_at	2026-04-21T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18023
published_at	2026-04-24T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18
published_at	2026-04-26T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18384
published_at	2026-04-04T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18085
published_at	2026-04-18T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18169
published_at	2026-04-08T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18223
published_at	2026-04-09T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18227
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.1818
published_at	2026-04-12T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18129
published_at	2026-04-13T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18073
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0686

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2346121

reference_id

2346121

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:11:43Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2346121

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-0686

reference_id

CVE-2025-0686

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:11:43Z/

url

https://access.redhat.com/security/cve/CVE-2025-0686

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2025-0686

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymw1-gk3r-kfhz

url VCID-yw2r-4rr8-pkfd

vulnerability_id VCID-yw2r-4rr8-pkfd

summary grub2: fs/ufs: OOB write in the heap

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45781.json

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45781.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45781

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06434
published_at	2026-04-29T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06385
published_at	2026-04-21T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06399
published_at	2026-04-24T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06424
published_at	2026-04-26T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06195
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06226
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06207
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06249
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0629
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06281
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06277
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06266
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06225
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06236
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45781

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319
reference_id	1098319
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2345857

reference_id

2345857

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:23Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2345857

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2024-45781

reference_id

CVE-2024-45781

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:23Z/

url

https://access.redhat.com/security/cve/CVE-2024-45781

reference_url

https://access.redhat.com/errata/RHSA-2025:16154

reference_id

RHSA-2025:16154

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:23Z/

url

https://access.redhat.com/errata/RHSA-2025:16154

reference_url

https://access.redhat.com/errata/RHSA-2025:6990

reference_id

RHSA-2025:6990

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:23Z/

url

https://access.redhat.com/errata/RHSA-2025:6990

fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

aliases CVE-2024-45781

risk_score 3.0

exploitability 0.5

weighted_severity 6.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yw2r-4rr8-pkfd

Fixing_vulnerabilities

url VCID-33ec-pjax-nkak

vulnerability_id VCID-33ec-pjax-nkak

summary Multiple vulnerabilities have been discoverd in GRUB, which may lead to secure boot circumvention or code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3775.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3775.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-3775

reference_id

reference_type

scores

value	0.00078
scoring_system	epss
scoring_elements	0.23168
published_at	2026-04-12T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23205
published_at	2026-04-11T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.2311
published_at	2026-04-13T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23124
published_at	2026-04-16T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23116
published_at	2026-04-18T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.2363
published_at	2026-04-09T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.2369
published_at	2026-04-02T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23732
published_at	2026-04-04T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23513
published_at	2026-04-07T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23584
published_at	2026-04-08T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.23961
published_at	2026-04-29T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24138
published_at	2026-04-21T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24013
published_at	2026-04-24T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24002
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-3775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2138880
reference_id	2138880
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2138880

reference_url	https://security.gentoo.org/glsa/202311-14
reference_id	GLSA-202311-14
reference_type
scores
url	https://security.gentoo.org/glsa/202311-14

reference_url	https://access.redhat.com/errata/RHSA-2022:8494
reference_id	RHSA-2022:8494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8494

reference_url	https://access.redhat.com/errata/RHSA-2022:8800
reference_id	RHSA-2022:8800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8800

reference_url	https://access.redhat.com/errata/RHSA-2022:8978
reference_id	RHSA-2022:8978
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8978

reference_url	https://access.redhat.com/errata/RHSA-2023:0047
reference_id	RHSA-2023:0047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0047

reference_url	https://access.redhat.com/errata/RHSA-2023:0048
reference_id	RHSA-2023:0048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0048

reference_url	https://access.redhat.com/errata/RHSA-2023:0049
reference_id	RHSA-2023:0049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0049

reference_url	https://access.redhat.com/errata/RHSA-2023:0752
reference_id	RHSA-2023:0752
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0752

reference_url	https://usn.ubuntu.com/6355-1/
reference_id	USN-6355-1
reference_type
scores
url	https://usn.ubuntu.com/6355-1/

fixed_packages

url pkg:deb/debian/grub2@2.06-3~deb11u6

purl pkg:deb/debian/grub2@2.06-3~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6

aliases CVE-2022-3775

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33ec-pjax-nkak

url VCID-8kh4-ym2x-k3he

vulnerability_id VCID-8kh4-ym2x-k3he

summary grub2: out-of-bounds read at fs/ntfs.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4693.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4693.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4693

reference_id

reference_type

scores

value	9e-05
scoring_system	epss
scoring_elements	0.00935
published_at	2026-04-04T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00939
published_at	2026-04-07T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00942
published_at	2026-04-08T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00938
published_at	2026-04-09T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00927
published_at	2026-04-11T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00922
published_at	2026-04-12T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00924
published_at	2026-04-13T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.0092
published_at	2026-04-16T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00928
published_at	2026-04-18T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00979
published_at	2026-04-21T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00981
published_at	2026-04-24T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00985
published_at	2026-04-26T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00978
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2238343
reference_id	2238343
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2238343

reference_url	https://access.redhat.com/errata/RHSA-2024:2456
reference_id	RHSA-2024:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2456

reference_url	https://access.redhat.com/errata/RHSA-2024:3184
reference_id	RHSA-2024:3184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3184

reference_url	https://usn.ubuntu.com/6410-1/
reference_id	USN-6410-1
reference_type
scores
url	https://usn.ubuntu.com/6410-1/

fixed_packages

url pkg:deb/debian/grub2@2.06-3~deb11u6

purl pkg:deb/debian/grub2@2.06-3~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6

aliases CVE-2023-4693

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8kh4-ym2x-k3he

url VCID-9mut-ye1e-pbdx

vulnerability_id VCID-9mut-ye1e-pbdx

summary grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4692.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4692.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4692

reference_id

reference_type

scores

value	4e-05
scoring_system	epss
scoring_elements	0.00169
published_at	2026-04-26T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00161
published_at	2026-04-02T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00163
published_at	2026-04-09T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00165
published_at	2026-04-16T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00164
published_at	2026-04-13T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00166
published_at	2026-04-29T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.00168
published_at	2026-04-21T12:55:00Z

value	4e-05
scoring_system	epss
scoring_elements	0.0017
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2236613

reference_id

2236613

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2236613

reference_url

https://seclists.org/oss-sec/2023/q4/37

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/

url

https://seclists.org/oss-sec/2023/q4/37

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2023-4692

reference_id

CVE-2023-4692

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/

url

https://access.redhat.com/security/cve/CVE-2023-4692

reference_url

https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/

reference_id

cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/

url

https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/

reference_url

https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html

reference_id

msg00028.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/

url

https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html

reference_url

https://access.redhat.com/errata/RHSA-2024:2456

reference_id

RHSA-2024:2456

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/

url

https://access.redhat.com/errata/RHSA-2024:2456

reference_url

https://access.redhat.com/errata/RHSA-2024:3184

reference_id

RHSA-2024:3184

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/

url

https://access.redhat.com/errata/RHSA-2024:3184

reference_url	https://usn.ubuntu.com/6410-1/
reference_id	USN-6410-1
reference_type
scores
url	https://usn.ubuntu.com/6410-1/

fixed_packages

url pkg:deb/debian/grub2@2.06-3~deb11u6

purl pkg:deb/debian/grub2@2.06-3~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6

aliases CVE-2023-4692

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mut-ye1e-pbdx

url VCID-gjbg-nve3-m3gy

vulnerability_id VCID-gjbg-nve3-m3gy

summary Multiple vulnerabilities have been discoverd in GRUB, which may lead to secure boot circumvention or code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2601.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2601.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-2601

reference_id

reference_type

scores

value	0.00063
scoring_system	epss
scoring_elements	0.19708
published_at	2026-04-02T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19757
published_at	2026-04-04T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19481
published_at	2026-04-07T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.1956
published_at	2026-04-08T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19613
published_at	2026-04-09T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19617
published_at	2026-04-11T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19569
published_at	2026-04-12T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.1951
published_at	2026-04-13T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20491
published_at	2026-04-29T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.2065
published_at	2026-04-16T12:55:00Z

value	0.00067
scoring_system	epss
scoring_elements	0.20648
published_at	2026-04-18T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21128
published_at	2026-04-21T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.20999
published_at	2026-04-24T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21004
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-2601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2112975
reference_id	2112975
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2112975

reference_url	https://security.gentoo.org/glsa/202311-14
reference_id	GLSA-202311-14
reference_type
scores
url	https://security.gentoo.org/glsa/202311-14

reference_url	https://access.redhat.com/errata/RHSA-2022:8494
reference_id	RHSA-2022:8494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8494

reference_url	https://access.redhat.com/errata/RHSA-2022:8800
reference_id	RHSA-2022:8800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8800

reference_url	https://access.redhat.com/errata/RHSA-2022:8978
reference_id	RHSA-2022:8978
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8978

reference_url	https://access.redhat.com/errata/RHSA-2023:0047
reference_id	RHSA-2023:0047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0047

reference_url	https://access.redhat.com/errata/RHSA-2023:0048
reference_id	RHSA-2023:0048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0048

reference_url	https://access.redhat.com/errata/RHSA-2023:0049
reference_id	RHSA-2023:0049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0049

reference_url	https://access.redhat.com/errata/RHSA-2023:0752
reference_id	RHSA-2023:0752
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0752

reference_url	https://access.redhat.com/errata/RHSA-2024:2002
reference_id	RHSA-2024:2002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2002

fixed_packages

url pkg:deb/debian/grub2@2.06-3~deb11u6

purl pkg:deb/debian/grub2@2.06-3~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1tdk-6d8a-m7h8

vulnerability	VCID-1vtj-un1a-afax

vulnerability	VCID-29d7-asmu-e7ev

vulnerability	VCID-3vhv-ya75-cuhc

vulnerability	VCID-53x3-83by-gueq

vulnerability	VCID-5a7e-ctj7-dqab

vulnerability	VCID-5m3u-p8q4-kfhx

vulnerability	VCID-5m6c-h4j2-mqcg

vulnerability	VCID-5vyx-ut4z-jucd

vulnerability	VCID-6cpn-v8j3-7ub3

vulnerability	VCID-6tg5-6gjc-nygy

vulnerability	VCID-6vxc-35x2-3fek

vulnerability	VCID-c2vg-36gb-bqas

vulnerability	VCID-dn64-5ysd-yfer

vulnerability	VCID-gaet-924c-57dv

vulnerability	VCID-h2ca-d9yc-vbex

vulnerability	VCID-hn4b-sdcq-j3bx

vulnerability	VCID-nphq-62t2-b7bk

vulnerability	VCID-pjq7-bxwk-uqec

vulnerability	VCID-s86w-7czc-s3a9

vulnerability	VCID-sub1-vd8w-dka7

vulnerability	VCID-swtj-9pmu-4ugn

vulnerability	VCID-tkur-tbms-zkcz

vulnerability	VCID-ur99-cm1x-cfdm

vulnerability	VCID-wy3p-p9zf-r7ef

vulnerability	VCID-x57b-4ggt-5qdf

vulnerability	VCID-xamt-2k26-p3ev

vulnerability	VCID-xjtf-q3gz-7ug8

vulnerability	VCID-ymw1-gk3r-kfhz

vulnerability	VCID-yw2r-4rr8-pkfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6

aliases CVE-2022-2601

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjbg-nve3-m3gy

Risk_score 3.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6

Package Instance