Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/138260?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/138260?format=api", "purl": "pkg:rpm/redhat/fwupd@1.1.4-4?arch=el8_1", "type": "rpm", "namespace": "redhat", "name": "fwupd", "version": "1.1.4-4", "qualifiers": { "arch": "el8_1" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71807?format=api", "vulnerability_id": "VCID-8q86-7n8k-tkdu", "summary": "A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25632.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04641", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04602", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04651", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04638", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04664", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879577", "reference_id": "1879577", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879577" }, { "reference_url": "https://security.archlinux.org/ASA-202106-43", "reference_id": "ASA-202106-43", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-43" }, { "reference_url": "https://security.archlinux.org/AVG-1629", "reference_id": "AVG-1629", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1629" }, { "reference_url": "https://security.gentoo.org/glsa/202104-05", "reference_id": "GLSA-202104-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0696", "reference_id": "RHSA-2021:0696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0697", "reference_id": "RHSA-2021:0697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0698", "reference_id": "RHSA-2021:0698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0699", "reference_id": "RHSA-2021:0699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0700", "reference_id": "RHSA-2021:0700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0701", "reference_id": "RHSA-2021:0701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0702", "reference_id": "RHSA-2021:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0703", "reference_id": "RHSA-2021:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0704", "reference_id": "RHSA-2021:0704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1734", "reference_id": "RHSA-2021:1734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2566", "reference_id": "RHSA-2021:2566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2790", "reference_id": "RHSA-2021:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3675", "reference_id": "RHSA-2021:3675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3675" }, { "reference_url": "https://usn.ubuntu.com/4992-1/", "reference_id": "USN-4992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4992-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-25632" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8q86-7n8k-tkdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71810?format=api", "vulnerability_id": "VCID-9n5w-ymmw-33b3", "summary": "A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27779.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27779.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27779", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08655", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0864", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08708", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08688", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08693", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900698", "reference_id": "1900698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900698" }, { "reference_url": "https://security.archlinux.org/ASA-202106-43", "reference_id": "ASA-202106-43", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-43" }, { "reference_url": "https://security.archlinux.org/AVG-1629", "reference_id": "AVG-1629", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1629" }, { "reference_url": "https://security.gentoo.org/glsa/202104-05", "reference_id": "GLSA-202104-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0696", "reference_id": "RHSA-2021:0696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0697", "reference_id": "RHSA-2021:0697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0698", "reference_id": "RHSA-2021:0698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0699", "reference_id": "RHSA-2021:0699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0700", "reference_id": "RHSA-2021:0700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0701", "reference_id": "RHSA-2021:0701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0702", "reference_id": "RHSA-2021:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0703", "reference_id": "RHSA-2021:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0704", "reference_id": "RHSA-2021:0704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1734", "reference_id": "RHSA-2021:1734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2566", "reference_id": "RHSA-2021:2566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2790", "reference_id": "RHSA-2021:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3675", "reference_id": "RHSA-2021:3675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3675" }, { "reference_url": "https://usn.ubuntu.com/4992-1/", "reference_id": "USN-4992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4992-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-27779" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9n5w-ymmw-33b3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71812?format=api", "vulnerability_id": "VCID-k4aq-hnnm-nuhg", "summary": "A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20233.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20233.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20233", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52345", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52365", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52413", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52393", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52405", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20233" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926263", "reference_id": "1926263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926263" }, { "reference_url": "https://security.archlinux.org/ASA-202106-43", "reference_id": "ASA-202106-43", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-43" }, { "reference_url": "https://security.archlinux.org/AVG-1629", "reference_id": "AVG-1629", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1629" }, { "reference_url": "https://security.gentoo.org/glsa/202104-05", "reference_id": "GLSA-202104-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0696", "reference_id": "RHSA-2021:0696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0697", "reference_id": "RHSA-2021:0697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0698", "reference_id": "RHSA-2021:0698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0699", "reference_id": "RHSA-2021:0699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0700", "reference_id": "RHSA-2021:0700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0701", "reference_id": "RHSA-2021:0701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0702", "reference_id": "RHSA-2021:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0703", "reference_id": "RHSA-2021:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0704", "reference_id": "RHSA-2021:0704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1734", "reference_id": "RHSA-2021:1734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2566", "reference_id": "RHSA-2021:2566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2790", "reference_id": "RHSA-2021:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3675", "reference_id": "RHSA-2021:3675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3675" }, { "reference_url": "https://usn.ubuntu.com/4992-1/", "reference_id": "USN-4992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4992-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2021-20233" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k4aq-hnnm-nuhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71808?format=api", "vulnerability_id": "VCID-ptxw-g4dm-c3c4", "summary": "A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25647.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25647.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25647", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00966", "published_at": "2026-06-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00969", "published_at": "2026-06-07T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00955", "published_at": "2026-06-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00967", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886936", "reference_id": "1886936", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886936" }, { "reference_url": "https://security.archlinux.org/ASA-202106-43", "reference_id": "ASA-202106-43", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-43" }, { "reference_url": "https://security.archlinux.org/AVG-1629", "reference_id": "AVG-1629", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1629" }, { "reference_url": "https://security.gentoo.org/glsa/202104-05", "reference_id": "GLSA-202104-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0696", "reference_id": "RHSA-2021:0696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0697", "reference_id": "RHSA-2021:0697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0698", "reference_id": "RHSA-2021:0698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0699", "reference_id": "RHSA-2021:0699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0700", "reference_id": "RHSA-2021:0700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0701", "reference_id": "RHSA-2021:0701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0702", "reference_id": "RHSA-2021:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0703", "reference_id": "RHSA-2021:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0704", "reference_id": "RHSA-2021:0704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1734", "reference_id": "RHSA-2021:1734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2566", "reference_id": "RHSA-2021:2566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2790", "reference_id": "RHSA-2021:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3675", "reference_id": "RHSA-2021:3675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3675" } ], "fixed_packages": [], "aliases": [ "CVE-2020-25647" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptxw-g4dm-c3c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71809?format=api", "vulnerability_id": "VCID-q6nz-dza2-hydy", "summary": "A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27749.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27749.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18595", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18553", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18675", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18635", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18673", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1899966", "reference_id": "1899966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1899966" }, { "reference_url": "https://security.archlinux.org/ASA-202106-43", "reference_id": "ASA-202106-43", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-43" }, { "reference_url": "https://security.archlinux.org/AVG-1629", "reference_id": "AVG-1629", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1629" }, { "reference_url": "https://security.gentoo.org/glsa/202104-05", "reference_id": "GLSA-202104-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0696", "reference_id": "RHSA-2021:0696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0697", "reference_id": "RHSA-2021:0697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0698", "reference_id": "RHSA-2021:0698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0699", "reference_id": "RHSA-2021:0699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0700", "reference_id": "RHSA-2021:0700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0701", "reference_id": "RHSA-2021:0701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0702", "reference_id": "RHSA-2021:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0703", "reference_id": "RHSA-2021:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0704", "reference_id": "RHSA-2021:0704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1734", "reference_id": "RHSA-2021:1734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2566", "reference_id": "RHSA-2021:2566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2790", "reference_id": "RHSA-2021:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3675", "reference_id": "RHSA-2021:3675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3675" }, { "reference_url": "https://usn.ubuntu.com/4992-1/", "reference_id": "USN-4992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4992-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-27749" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6nz-dza2-hydy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71803?format=api", "vulnerability_id": "VCID-vf7d-tsyt-jfbx", "summary": "A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14372.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14372.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14372", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.81157", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.81164", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.81161", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01884", "scoring_system": "epss", "scoring_elements": "0.83529", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01884", "scoring_system": "epss", "scoring_elements": "0.83505", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873150", "reference_id": "1873150", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873150" }, { "reference_url": "https://security.archlinux.org/ASA-202106-43", "reference_id": "ASA-202106-43", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-43" }, { "reference_url": "https://security.archlinux.org/AVG-1629", "reference_id": "AVG-1629", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1629" }, { "reference_url": "https://security.gentoo.org/glsa/202104-05", "reference_id": "GLSA-202104-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0696", "reference_id": "RHSA-2021:0696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0697", "reference_id": "RHSA-2021:0697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0698", "reference_id": "RHSA-2021:0698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0699", "reference_id": "RHSA-2021:0699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0700", "reference_id": "RHSA-2021:0700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0701", "reference_id": "RHSA-2021:0701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0702", "reference_id": "RHSA-2021:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0703", "reference_id": "RHSA-2021:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0704", "reference_id": "RHSA-2021:0704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1734", "reference_id": "RHSA-2021:1734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2566", "reference_id": "RHSA-2021:2566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2790", "reference_id": "RHSA-2021:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3675", "reference_id": "RHSA-2021:3675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3675" }, { "reference_url": "https://usn.ubuntu.com/4992-1/", "reference_id": "USN-4992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4992-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14372" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vf7d-tsyt-jfbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71811?format=api", "vulnerability_id": "VCID-wv89-dxd6-hkgy", "summary": "A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20225.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20225.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20225", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26847", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26849", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26942", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26903", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26949", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924696", "reference_id": "1924696", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924696" }, { "reference_url": "https://security.archlinux.org/ASA-202106-43", "reference_id": "ASA-202106-43", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-43" }, { "reference_url": "https://security.archlinux.org/AVG-1629", "reference_id": "AVG-1629", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1629" }, { "reference_url": "https://security.gentoo.org/glsa/202104-05", "reference_id": "GLSA-202104-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202104-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0696", "reference_id": "RHSA-2021:0696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0697", "reference_id": "RHSA-2021:0697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0698", "reference_id": "RHSA-2021:0698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0699", "reference_id": "RHSA-2021:0699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0700", "reference_id": "RHSA-2021:0700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0701", "reference_id": "RHSA-2021:0701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0702", "reference_id": "RHSA-2021:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0703", "reference_id": "RHSA-2021:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0704", "reference_id": "RHSA-2021:0704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1734", "reference_id": "RHSA-2021:1734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2566", "reference_id": "RHSA-2021:2566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2790", "reference_id": "RHSA-2021:2790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3675", "reference_id": "RHSA-2021:3675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3675" }, { "reference_url": "https://usn.ubuntu.com/4992-1/", "reference_id": "USN-4992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4992-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2021-20225" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wv89-dxd6-hkgy" } ], "fixing_vulnerabilities": [], "risk_score": "3.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/fwupd@1.1.4-4%3Farch=el8_1" }