{"url":"http://public2.vulnerablecode.io/api/packages/1035424?format=json","purl":"pkg:deb/debian/grub2@1.98%2B20100804-14%2Bsqueeze1","type":"deb","namespace":"debian","name":"grub2","version":"1.98+20100804-14+squeeze1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.06-13+deb12u2","latest_non_vulnerable_version":"2.14-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61371?format=json","vulnerability_id":"VCID-1a1n-tuft-ufhy","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14309.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14309","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.135","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13719","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13594","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1391","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13711","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13794","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13813","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13777","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13729","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13639","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13636","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13708","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14639","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1459","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852022","reference_id":"1852022","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852022"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"}],"aliases":["CVE-2020-14309"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1a1n-tuft-ufhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90645?format=json","vulnerability_id":"VCID-26tq-2zsm-67fz","summary":"A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4577.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4577.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4577","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36245","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36436","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36469","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36352","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36373","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36379","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36344","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36322","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36364","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36347","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36293","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36061","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36031","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.35944","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.35828","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4577"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632598","reference_id":"632598","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036844?format=json","purl":"pkg:deb/debian/grub2@2.02~beta2-18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a1n-tuft-ufhy"},{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-49ed-e97z-1kdm"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-dee9-zb16-sbeb"},{"vulnerability":"VCID-eek6-ufv4-kydb"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-p4uv-kcsu-fqbr"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-vuj2-9dc2-bbhv"},{"vulnerability":"VCID-wenh-wyf1-m3c1"},{"vulnerability":"VCID-wju5-h4aq-e7ag"},{"vulnerability":"VCID-wp1a-2ueg-mych"},{"vulnerability":"VCID-zqvy-2txw-9uhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.02~beta2-18"}],"aliases":["CVE-2013-4577"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26tq-2zsm-67fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56073?format=json","vulnerability_id":"VCID-2f6m-msj2-2fgy","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3697.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3697","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20483","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20827","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20774","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20765","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20757","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20589","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20942","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20716","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20793","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20854","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21106","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21234","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21103","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3697"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991687","reference_id":"1991687","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991687"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049818?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-gjbg-nve3-m3gy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u2"}],"aliases":["CVE-2021-3697"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2f6m-msj2-2fgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60837?format=json","vulnerability_id":"VCID-33ec-pjax-nkak","summary":"Multiple vulnerabilities have been discoverd in GRUB, which may lead to secure boot circumvention or code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3775.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3775","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23168","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23205","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2311","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23124","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23116","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23732","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23584","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23851","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24013","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24002","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23961","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138880","reference_id":"2138880","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138880"},{"reference_url":"https://security.gentoo.org/glsa/202311-14","reference_id":"GLSA-202311-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202311-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8494","reference_id":"RHSA-2022:8494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8800","reference_id":"RHSA-2022:8800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8978","reference_id":"RHSA-2022:8978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0047","reference_id":"RHSA-2023:0047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0048","reference_id":"RHSA-2023:0048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0049","reference_id":"RHSA-2023:0049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0752","reference_id":"RHSA-2023:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0752"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994626?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6"}],"aliases":["CVE-2022-3775"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-33ec-pjax-nkak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84248?format=json","vulnerability_id":"VCID-428v-jh9w-g3g6","summary":"grub2: Stack exhaustion in grub_ext2_read_block","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9763.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9763","reference_id":"","reference_type":"","scores":[{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80082","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80225","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80197","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80211","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80097","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80127","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80133","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80152","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80128","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80158","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80162","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80189","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9763"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:N/I:N/A:C"},{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463361","reference_id":"1463361","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463361"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869423","reference_id":"869423","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869423"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036844?format=json","purl":"pkg:deb/debian/grub2@2.02~beta2-18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a1n-tuft-ufhy"},{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-49ed-e97z-1kdm"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-dee9-zb16-sbeb"},{"vulnerability":"VCID-eek6-ufv4-kydb"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-p4uv-kcsu-fqbr"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-vuj2-9dc2-bbhv"},{"vulnerability":"VCID-wenh-wyf1-m3c1"},{"vulnerability":"VCID-wju5-h4aq-e7ag"},{"vulnerability":"VCID-wp1a-2ueg-mych"},{"vulnerability":"VCID-zqvy-2txw-9uhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.02~beta2-18"}],"aliases":["CVE-2017-9763"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-428v-jh9w-g3g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90993?format=json","vulnerability_id":"VCID-49ed-e97z-1kdm","summary":"regression update","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"}],"aliases":["DSA-4735-2 grub2"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-49ed-e97z-1kdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56077?format=json","vulnerability_id":"VCID-6jes-p579-uyg3","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28735.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28735.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28735","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04857","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04617","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04642","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04654","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04674","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04657","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04624","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04632","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04861","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05046","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05005","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04973","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28735","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:20:44Z/"}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28735"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001057","reference_id":"1001057","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001057"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2090857","reference_id":"2090857","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2090857"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/06/07/5","reference_id":"5","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:20:44Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/06/07/5"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230825-0002/","reference_id":"ntap-20230825-0002","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:20:44Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230825-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049818?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-gjbg-nve3-m3gy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u2"}],"aliases":["CVE-2022-28735"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6jes-p579-uyg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61382?format=json","vulnerability_id":"VCID-744c-pb2n-5kf4","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20225.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20225.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20225","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21354","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21485","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21473","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21446","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21389","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21385","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21392","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21359","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.2152","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21579","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21334","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21412","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22447","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22554","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22545","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22544","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924696","reference_id":"1924696","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924696"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"},{"url":"http://public2.vulnerablecode.io/api/packages/1049567?format=json","purl":"pkg:deb/debian/grub2@2.06-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-2"}],"aliases":["CVE-2021-20225"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-744c-pb2n-5kf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61381?format=json","vulnerability_id":"VCID-8axp-fasm-8ka4","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27779.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27779.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27779","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0363","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03492","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03618","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03625","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03629","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03579","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03581","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03603","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03559","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0353","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03505","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0348","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05398","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05431","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05358","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900698","reference_id":"1900698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900698"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"},{"url":"http://public2.vulnerablecode.io/api/packages/1049567?format=json","purl":"pkg:deb/debian/grub2@2.06-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-2"}],"aliases":["CVE-2020-27779"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8axp-fasm-8ka4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78044?format=json","vulnerability_id":"VCID-8kh4-ym2x-k3he","summary":"grub2: out-of-bounds read at fs/ntfs.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4693.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4693","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01177","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00935","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00939","published_at":"2026-04-07T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00942","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00938","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00927","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00922","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00924","published_at":"2026-04-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0092","published_at":"2026-04-16T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00928","published_at":"2026-04-18T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00979","published_at":"2026-04-21T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00981","published_at":"2026-04-24T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00985","published_at":"2026-04-26T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00978","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238343","reference_id":"2238343","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2456","reference_id":"RHSA-2024:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3184","reference_id":"RHSA-2024:3184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3184"},{"reference_url":"https://usn.ubuntu.com/6410-1/","reference_id":"USN-6410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6410-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994626?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6"}],"aliases":["CVE-2023-4693"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8kh4-ym2x-k3he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56071?format=json","vulnerability_id":"VCID-8zje-6cet-h3a4","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3695.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3695","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18734","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18368","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18737","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18687","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18635","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18495","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18925","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18645","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18724","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18779","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18783","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19016","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19135","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19028","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3695"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991685","reference_id":"1991685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991685"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049818?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-gjbg-nve3-m3gy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u2"}],"aliases":["CVE-2021-3695"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zje-6cet-h3a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56075?format=json","vulnerability_id":"VCID-9dkn-kkgd-37ce","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28733.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28733.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28733","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28635","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29258","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29308","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2912","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29226","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29231","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29133","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29158","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29135","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28784","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29363","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2957","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29477","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:49:29Z/"}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083339","reference_id":"2083339","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083339"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/06/07/5","reference_id":"5","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:49:29Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/06/07/5"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230825-0002/","reference_id":"ntap-20230825-0002","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:49:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230825-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5678","reference_id":"RHSA-2022:5678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8900","reference_id":"RHSA-2022:8900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8900"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049818?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-gjbg-nve3-m3gy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u2"}],"aliases":["CVE-2022-28733"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9dkn-kkgd-37ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78043?format=json","vulnerability_id":"VCID-9mut-ye1e-pbdx","summary":"grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4692.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4692","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.0019","published_at":"2026-05-05T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00161","published_at":"2026-04-02T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00163","published_at":"2026-04-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00165","published_at":"2026-04-16T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00164","published_at":"2026-04-13T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00166","published_at":"2026-04-29T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00168","published_at":"2026-04-21T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.0017","published_at":"2026-04-24T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00169","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236613","reference_id":"2236613","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236613"},{"reference_url":"https://seclists.org/oss-sec/2023/q4/37","reference_id":"37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://seclists.org/oss-sec/2023/q4/37"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-4692","reference_id":"CVE-2023-4692","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-4692"},{"reference_url":"https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/","reference_id":"cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2456","reference_id":"RHSA-2024:2456","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3184","reference_id":"RHSA-2024:3184","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3184"},{"reference_url":"https://usn.ubuntu.com/6410-1/","reference_id":"USN-6410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6410-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994626?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6"}],"aliases":["CVE-2023-4692"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mut-ye1e-pbdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61377?format=json","vulnerability_id":"VCID-dee9-zb16-sbeb","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15707.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15707.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15707","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09113","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09118","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0917","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09094","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09174","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09205","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09207","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09176","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09162","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09056","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09035","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09193","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09238","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09181","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09155","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09066","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15707"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861581","reference_id":"1861581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861581"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"}],"aliases":["CVE-2020-15707"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dee9-zb16-sbeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61372?format=json","vulnerability_id":"VCID-eek6-ufv4-kydb","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14310.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14310.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14310","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16642","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16834","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16816","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16771","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1716","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16938","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17026","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17085","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1706","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17013","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16953","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1689","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16893","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1693","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18735","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852030","reference_id":"1852030","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852030"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"}],"aliases":["CVE-2020-14310"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eek6-ufv4-kydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61383?format=json","vulnerability_id":"VCID-f6ad-7qb1-9bcd","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20233.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20233","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38614","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38769","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38756","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38732","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38751","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38729","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.3865","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38744","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38766","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38695","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38745","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40259","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40497","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40484","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40401","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926263","reference_id":"1926263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926263"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"},{"url":"http://public2.vulnerablecode.io/api/packages/1049567?format=json","purl":"pkg:deb/debian/grub2@2.06-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-2"}],"aliases":["CVE-2021-20233"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f6ad-7qb1-9bcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56076?format=json","vulnerability_id":"VCID-g3tz-5rzv-wkgk","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28734.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28734.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28734","reference_id":"","reference_type":"","scores":[{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.3177","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32062","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31897","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34367","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34396","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34399","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34359","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34336","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.3437","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34357","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33721","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34429","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34457","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34324","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33841","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28734"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28734","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28734"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2090463","reference_id":"2090463","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2090463"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049818?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-gjbg-nve3-m3gy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u2"}],"aliases":["CVE-2022-28734"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3tz-5rzv-wkgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60836?format=json","vulnerability_id":"VCID-gjbg-nve3-m3gy","summary":"Multiple vulnerabilities have been discoverd in GRUB, which may lead to secure boot circumvention or code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2601.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2601","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19708","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19757","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19481","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1956","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19613","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19617","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19569","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1951","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19275","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2065","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20648","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20491","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.20999","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21128","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21004","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112975","reference_id":"2112975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112975"},{"reference_url":"https://security.gentoo.org/glsa/202311-14","reference_id":"GLSA-202311-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202311-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8494","reference_id":"RHSA-2022:8494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8800","reference_id":"RHSA-2022:8800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8978","reference_id":"RHSA-2022:8978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0047","reference_id":"RHSA-2023:0047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0048","reference_id":"RHSA-2023:0048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0049","reference_id":"RHSA-2023:0049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0752","reference_id":"RHSA-2023:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2002","reference_id":"RHSA-2024:2002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994626?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6"}],"aliases":["CVE-2022-2601"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gjbg-nve3-m3gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61380?format=json","vulnerability_id":"VCID-m4y5-twzm-dqcw","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27749.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27749","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1402","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13745","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1393","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13862","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14102","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13966","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14049","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14101","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14046","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14008","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13957","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13857","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13851","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13922","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1899966","reference_id":"1899966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1899966"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"},{"url":"http://public2.vulnerablecode.io/api/packages/1049567?format=json","purl":"pkg:deb/debian/grub2@2.06-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-2"}],"aliases":["CVE-2020-27749"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m4y5-twzm-dqcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61379?format=json","vulnerability_id":"VCID-m5vd-4m54-6ygc","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25647.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25647.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25647","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0116","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01158","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01168","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01174","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01175","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01153","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01449","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01461","published_at":"2026-04-02T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00917","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00858","published_at":"2026-04-16T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0092","published_at":"2026-04-26T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00915","published_at":"2026-04-29T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00913","published_at":"2026-04-21T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00916","published_at":"2026-04-24T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00865","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1886936","reference_id":"1886936","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1886936"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"},{"url":"http://public2.vulnerablecode.io/api/packages/1049567?format=json","purl":"pkg:deb/debian/grub2@2.06-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-2"}],"aliases":["CVE-2020-25647"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5vd-4m54-6ygc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56072?format=json","vulnerability_id":"VCID-nn2e-jq31-n7bc","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3696.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3696","reference_id":"","reference_type":"","scores":[{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29993","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29457","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29949","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.299","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29917","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29897","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29599","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30033","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.3008","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29893","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29954","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.2999","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30138","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30313","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30252","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3696"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991686","reference_id":"1991686","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991686"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049818?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-gjbg-nve3-m3gy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u2"}],"aliases":["CVE-2021-3696"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nn2e-jq31-n7bc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61376?format=json","vulnerability_id":"VCID-p4uv-kcsu-fqbr","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15706.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15706.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15706","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16186","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16431","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16228","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16314","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16378","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1636","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1632","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16253","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16189","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16207","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16245","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16136","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16133","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16094","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15973","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861118","reference_id":"1861118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861118"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"}],"aliases":["CVE-2020-15706"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p4uv-kcsu-fqbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61374?format=json","vulnerability_id":"VCID-uqg4-wh5j-6ud1","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14372.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14372.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14372","reference_id":"","reference_type":"","scores":[{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83261","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83199","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83221","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83229","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83236","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83145","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83153","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83162","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83158","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83195","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83196","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02096","scoring_system":"epss","scoring_elements":"0.83992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02096","scoring_system":"epss","scoring_elements":"0.83978","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873150","reference_id":"1873150","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873150"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"},{"url":"http://public2.vulnerablecode.io/api/packages/1049567?format=json","purl":"pkg:deb/debian/grub2@2.06-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-2"}],"aliases":["CVE-2020-14372"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqg4-wh5j-6ud1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61378?format=json","vulnerability_id":"VCID-v98w-vw6u-dyb3","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25632.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25632.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25632","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05386","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05157","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0516","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05313","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05351","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05393","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.061","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06141","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06131","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06127","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0612","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06078","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0606","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06945","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06841","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879577","reference_id":"1879577","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879577"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"},{"url":"http://public2.vulnerablecode.io/api/packages/1049567?format=json","purl":"pkg:deb/debian/grub2@2.06-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-2"}],"aliases":["CVE-2020-25632"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v98w-vw6u-dyb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61370?format=json","vulnerability_id":"VCID-vuj2-9dc2-bbhv","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14308.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14308","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09779","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0985","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.099","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09798","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0987","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09922","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09928","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09891","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09875","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09758","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0973","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09927","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09893","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09851","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09768","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852009","reference_id":"1852009","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852009"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"}],"aliases":["CVE-2020-14308"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vuj2-9dc2-bbhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61369?format=json","vulnerability_id":"VCID-wenh-wyf1-m3c1","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10713.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10713.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10713","reference_id":"","reference_type":"","scores":[{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49207","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49238","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49266","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49218","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49272","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49269","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.4926","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49265","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49312","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49309","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49278","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49267","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49275","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49234","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49149","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825243","reference_id":"1825243","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825243"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4115","reference_id":"RHSA-2020:4115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4172","reference_id":"RHSA-2020:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4172"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"}],"aliases":["CVE-2020-10713"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wenh-wyf1-m3c1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48448?format=json","vulnerability_id":"VCID-wju5-h4aq-e7ag","summary":"GRUB's authentication prompt can be bypassed by entering a sequence\n    of backspace characters.","references":[{"reference_url":"http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173703.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173703.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174049.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174049.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00041.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00043.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00043.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00044.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00044.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00003.html"},{"reference_url":"http://packetstormsecurity.com/files/134831/Grub2-Authentication-Bypass.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://packetstormsecurity.com/files/134831/Grub2-Authentication-Bypass.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2623.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2623.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8370.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8370.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8370","reference_id":"","reference_type":"","scores":[{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89815","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89738","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89753","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89754","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89772","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89778","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89785","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89783","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89776","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89792","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89786","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89801","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89802","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89735","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370"},{"reference_url":"http://seclists.org/fulldisclosure/2015/Dec/69","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://seclists.org/fulldisclosure/2015/Dec/69"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2015/dsa-3421","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.debian.org/security/2015/dsa-3421"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/15/6","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/12/15/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/15/3","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/15/3"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/archive/1/537115/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.securityfocus.com/archive/1/537115/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/79358","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.securityfocus.com/bid/79358"},{"reference_url":"http://www.securitytracker.com/id/1034422","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.securitytracker.com/id/1034422"},{"reference_url":"http://www.ubuntu.com/usn/USN-2836-1","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.ubuntu.com/usn/USN-2836-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1286966","reference_id":"1286966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1286966"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807614","reference_id":"807614","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807614"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:1.98:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:1.98:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:1.98:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:1.99:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:1.99:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:1.99:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.00:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:2.00:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.00:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:2.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:2.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8370","reference_id":"CVE-2015-8370","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8370"},{"reference_url":"https://security.gentoo.org/glsa/201512-03","reference_id":"GLSA-201512-03","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"https://security.gentoo.org/glsa/201512-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2623","reference_id":"RHSA-2015:2623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2623"},{"reference_url":"https://usn.ubuntu.com/2836-1/","reference_id":"USN-2836-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2836-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035427?format=json","purl":"pkg:deb/debian/grub2@1.99-27%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a1n-tuft-ufhy"},{"vulnerability":"VCID-26tq-2zsm-67fz"},{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-428v-jh9w-g3g6"},{"vulnerability":"VCID-49ed-e97z-1kdm"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-dee9-zb16-sbeb"},{"vulnerability":"VCID-eek6-ufv4-kydb"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-p4uv-kcsu-fqbr"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-vuj2-9dc2-bbhv"},{"vulnerability":"VCID-wenh-wyf1-m3c1"},{"vulnerability":"VCID-wju5-h4aq-e7ag"},{"vulnerability":"VCID-wp1a-2ueg-mych"},{"vulnerability":"VCID-zqvy-2txw-9uhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@1.99-27%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1036846?format=json","purl":"pkg:deb/debian/grub2@2.02~beta2-22%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a1n-tuft-ufhy"},{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-49ed-e97z-1kdm"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-dee9-zb16-sbeb"},{"vulnerability":"VCID-eek6-ufv4-kydb"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-p4uv-kcsu-fqbr"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-vuj2-9dc2-bbhv"},{"vulnerability":"VCID-wenh-wyf1-m3c1"},{"vulnerability":"VCID-wju5-h4aq-e7ag"},{"vulnerability":"VCID-wp1a-2ueg-mych"},{"vulnerability":"VCID-zqvy-2txw-9uhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.02~beta2-22%252Bdeb8u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037797?format=json","purl":"pkg:deb/debian/grub2@2.02~beta3-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a1n-tuft-ufhy"},{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-49ed-e97z-1kdm"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-dee9-zb16-sbeb"},{"vulnerability":"VCID-eek6-ufv4-kydb"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-p4uv-kcsu-fqbr"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-vuj2-9dc2-bbhv"},{"vulnerability":"VCID-wenh-wyf1-m3c1"},{"vulnerability":"VCID-wp1a-2ueg-mych"},{"vulnerability":"VCID-zqvy-2txw-9uhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.02~beta3-5"}],"aliases":["CVE-2015-8370"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wju5-h4aq-e7ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56078?format=json","vulnerability_id":"VCID-wp1a-2ueg-mych","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28736.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28736","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.091","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09147","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.092","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09124","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09204","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09233","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09236","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0919","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09085","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09066","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09188","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09558","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09545","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09592","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28736","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T18:53:03Z/"}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28736"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2092613","reference_id":"2092613","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2092613"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/06/07/5","reference_id":"5","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T18:53:03Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/06/07/5"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230825-0002/","reference_id":"ntap-20230825-0002","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T18:53:03Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230825-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049818?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-gjbg-nve3-m3gy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u2"}],"aliases":["CVE-2022-28736"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wp1a-2ueg-mych"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61373?format=json","vulnerability_id":"VCID-zqvy-2txw-9uhz","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14311.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14311.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14311","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09061","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09065","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09118","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09037","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09117","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09147","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09115","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.091","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.08996","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.08975","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09132","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09173","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09116","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09087","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09003","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852014","reference_id":"1852014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852014"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037800?format=json","purl":"pkg:deb/debian/grub2@2.04-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-wp1a-2ueg-mych"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-12"}],"aliases":["CVE-2020-14311"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zqvy-2txw-9uhz"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87996?format=json","vulnerability_id":"VCID-pyp5-qjk4-7bc3","summary":"grub2: Improper password checking","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4128.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4128.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4128","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11905","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12064","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11868","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11951","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12003","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12012","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11975","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11948","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11818","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11815","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11932","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11903","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11789","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11708","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4128"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=543153","reference_id":"543153","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=543153"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555195","reference_id":"555195","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555195"},{"reference_url":"https://usn.ubuntu.com/868-1/","reference_id":"USN-868-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/868-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035424?format=json","purl":"pkg:deb/debian/grub2@1.98%2B20100804-14%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a1n-tuft-ufhy"},{"vulnerability":"VCID-26tq-2zsm-67fz"},{"vulnerability":"VCID-2f6m-msj2-2fgy"},{"vulnerability":"VCID-33ec-pjax-nkak"},{"vulnerability":"VCID-428v-jh9w-g3g6"},{"vulnerability":"VCID-49ed-e97z-1kdm"},{"vulnerability":"VCID-6jes-p579-uyg3"},{"vulnerability":"VCID-744c-pb2n-5kf4"},{"vulnerability":"VCID-8axp-fasm-8ka4"},{"vulnerability":"VCID-8kh4-ym2x-k3he"},{"vulnerability":"VCID-8zje-6cet-h3a4"},{"vulnerability":"VCID-9dkn-kkgd-37ce"},{"vulnerability":"VCID-9mut-ye1e-pbdx"},{"vulnerability":"VCID-dee9-zb16-sbeb"},{"vulnerability":"VCID-eek6-ufv4-kydb"},{"vulnerability":"VCID-f6ad-7qb1-9bcd"},{"vulnerability":"VCID-g3tz-5rzv-wkgk"},{"vulnerability":"VCID-gjbg-nve3-m3gy"},{"vulnerability":"VCID-m4y5-twzm-dqcw"},{"vulnerability":"VCID-m5vd-4m54-6ygc"},{"vulnerability":"VCID-nn2e-jq31-n7bc"},{"vulnerability":"VCID-p4uv-kcsu-fqbr"},{"vulnerability":"VCID-uqg4-wh5j-6ud1"},{"vulnerability":"VCID-v98w-vw6u-dyb3"},{"vulnerability":"VCID-vuj2-9dc2-bbhv"},{"vulnerability":"VCID-wenh-wyf1-m3c1"},{"vulnerability":"VCID-wju5-h4aq-e7ag"},{"vulnerability":"VCID-wp1a-2ueg-mych"},{"vulnerability":"VCID-zqvy-2txw-9uhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@1.98%252B20100804-14%252Bsqueeze1"}],"aliases":["CVE-2009-4128"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pyp5-qjk4-7bc3"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@1.98%252B20100804-14%252Bsqueeze1"}