{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","type":"deb","namespace":"debian","name":"grub2","version":"2.06-13+deb12u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.12~rc1-11","latest_non_vulnerable_version":"2.14-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66459?format=json","vulnerability_id":"VCID-1tdk-6d8a-m7h8","summary":"grub2: Missing unregister call for gettext command may lead to use-after-free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61662.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61662.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61662","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0151","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01495","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01502","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01506","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01494","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01664","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01668","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01757","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01768","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01762","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01492","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0422","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04241","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61662"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968","reference_id":"1120968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414683","reference_id":"2414683","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414683"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8","reference_id":"cpe:/a:redhat:openshift:4.12::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9","reference_id":"cpe:/a:redhat:openshift:4.13::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9","reference_id":"cpe:/a:redhat:openshift:4.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9","reference_id":"cpe:/a:redhat:openshift:4.18::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9","reference_id":"cpe:/a:redhat:openshift:4.19::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0","reference_id":"cpe:/o:redhat:enterprise_linux_eus:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-61662","reference_id":"CVE-2025-61662","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-61662"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html","reference_id":"msg00155.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10097","reference_id":"RHSA-2026:10097","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4648","reference_id":"RHSA-2026:4648","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4649","reference_id":"RHSA-2026:4649","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4652","reference_id":"RHSA-2026:4652","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4653","reference_id":"RHSA-2026:4653","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4654","reference_id":"RHSA-2026:4654","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4760","reference_id":"RHSA-2026:4760","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4760"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4822","reference_id":"RHSA-2026:4822","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4823","reference_id":"RHSA-2026:4823","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4830","reference_id":"RHSA-2026:4830","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4900","reference_id":"RHSA-2026:4900","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4998","reference_id":"RHSA-2026:4998","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:4998"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5074","reference_id":"RHSA-2026:5074","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5127","reference_id":"RHSA-2026:5127","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5233","reference_id":"RHSA-2026:5233","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6492","reference_id":"RHSA-2026:6492","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:6492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7239","reference_id":"RHSA-2026:7239","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:7239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7243","reference_id":"RHSA-2026:7243","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-18T18:44:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:7243"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924483?format=json","purl":"pkg:deb/debian/grub2@2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61662"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tdk-6d8a-m7h8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71825?format=json","vulnerability_id":"VCID-1vtj-un1a-afax","summary":"grub2: jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0685.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0685.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0685","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17816","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18329","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18023","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17962","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18384","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18085","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18169","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18223","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18227","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1818","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18129","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18073","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18116","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0685"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346120","reference_id":"2346120","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:13:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346120"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0685","reference_id":"CVE-2025-0685","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:13:24Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0685"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0685"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vtj-un1a-afax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71820?format=json","vulnerability_id":"VCID-3vhv-ya75-cuhc","summary":"grub2: command/gpg: Use-after-free due to hooks not being removed on module unload","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0622.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0622","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00286","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00288","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00299","published_at":"2026-04-02T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0028","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00282","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00283","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00285","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00297","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00639","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00632","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0063","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0622"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345865","reference_id":"2345865","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345865"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0622","reference_id":"CVE-2025-0622","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0622"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16154","reference_id":"RHSA-2025:16154","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:16154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6990","reference_id":"RHSA-2025:6990","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T19:41:48Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0622"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3vhv-ya75-cuhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66457?format=json","vulnerability_id":"VCID-53x3-83by-gueq","summary":"grub2: Use-after-free in grub_file_close()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54771.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54771","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02629","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02519","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02605","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02617","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02767","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03981","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04023","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08462","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08442","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08427","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08378","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08458","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08405","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08467","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54771"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968","reference_id":"1120968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413823","reference_id":"2413823","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:17:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413823"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-54771","reference_id":"CVE-2025-54771","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:17:17Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-54771"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924483?format=json","purl":"pkg:deb/debian/grub2@2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-54771"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53x3-83by-gueq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71822?format=json","vulnerability_id":"VCID-5a7e-ctj7-dqab","summary":"grub2: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0677.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0677.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0677","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07751","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07753","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07813","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0783","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07825","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07812","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07712","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07688","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10062","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1004","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1002","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09963","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09897","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0677"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346116","reference_id":"2346116","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346116"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0677","reference_id":"CVE-2025-0677","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0677"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16154","reference_id":"RHSA-2025:16154","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:16154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6990","reference_id":"RHSA-2025:6990","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:39:38Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0677"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5a7e-ctj7-dqab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71947?format=json","vulnerability_id":"VCID-5m3u-p8q4-kfhx","summary":"grub2: commands/extcmd: Missing check for failed allocation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45775.json","reference_id":"","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45775","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07788","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07871","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07839","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07815","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07821","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07868","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07822","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0788","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07905","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07879","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07866","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07781","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07757","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0791","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337481","reference_id":"2337481","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:30Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337481"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45775","reference_id":"CVE-2024-45775","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:30Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6990","reference_id":"RHSA-2025:6990","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45775"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5m3u-p8q4-kfhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71831?format=json","vulnerability_id":"VCID-5m6c-h4j2-mqcg","summary":"grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45777.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45777","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06453","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06424","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06434","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06226","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06207","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06281","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06266","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06225","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06236","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06385","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45777"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346343","reference_id":"2346343","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:38:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346343"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45777","reference_id":"CVE-2024-45777","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:38:37Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20532","reference_id":"RHSA-2025:20532","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T18:38:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20532"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45777"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5m6c-h4j2-mqcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71827?format=json","vulnerability_id":"VCID-5vyx-ut4z-jucd","summary":"grub2: udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0689.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0689.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0689","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23204","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23094","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23056","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22887","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22882","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22879","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23248","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23038","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23111","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23164","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23184","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23146","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23088","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23102","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0689"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346122","reference_id":"2346122","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:08:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346122"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0689","reference_id":"CVE-2025-0689","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:08:10Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0689"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:08:10Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0689"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5vyx-ut4z-jucd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71813?format=json","vulnerability_id":"VCID-6cpn-v8j3-7ub3","summary":"grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write and Read.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45776.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45776","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06453","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06424","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06434","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06226","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06207","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06281","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06266","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06225","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06236","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06385","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339182","reference_id":"2339182","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:26Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2339182"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45776","reference_id":"CVE-2024-45776","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:26Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45776"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16154","reference_id":"RHSA-2025:16154","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:16154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6990","reference_id":"RHSA-2025:6990","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:26Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45776"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6cpn-v8j3-7ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71828?format=json","vulnerability_id":"VCID-6tg5-6gjc-nygy","summary":"grub2: read: Integer overflow may lead to out-of-bounds write","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0690.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0690","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00487","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00475","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00456","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00454","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0046","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00491","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00488","published_at":"2026-04-26T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00471","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00467","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00464","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00461","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00457","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0690"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346123","reference_id":"2346123","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T11:17:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346123"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0690","reference_id":"CVE-2025-0690","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T11:17:51Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0690"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T11:17:51Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6990","reference_id":"RHSA-2025:6990","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T11:17:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0690"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6tg5-6gjc-nygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71814?format=json","vulnerability_id":"VCID-6vxc-35x2-3fek","summary":"grub2: fs/bfs: Integer overflow in the BFS parser.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45778.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45778","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02288","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0231","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02271","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0246","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04331","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04352","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04363","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04395","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04411","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04406","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04391","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04375","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04342","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04351","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345640","reference_id":"2345640","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T16:17:31Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345640"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45778","reference_id":"CVE-2024-45778","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T16:17:31Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45778"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T16:17:31Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45778"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vxc-35x2-3fek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66461?format=json","vulnerability_id":"VCID-c2vg-36gb-bqas","summary":"grub2: Missing unregister call for normal_exit command may lead to use-after-free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61664.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61664.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61664","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03118","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02997","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03105","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03115","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03326","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04625","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04629","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06563","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06599","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06591","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06582","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06522","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06484","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06605","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61664"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968","reference_id":"1120968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414685","reference_id":"2414685","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:28:39Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414685"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-61664","reference_id":"CVE-2025-61664","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:28:39Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-61664"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924483?format=json","purl":"pkg:deb/debian/grub2@2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61664"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2vg-36gb-bqas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72261?format=json","vulnerability_id":"VCID-dn64-5ysd-yfer","summary":"grub2: heap-based buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56737.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56737","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34958","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35182","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.3516","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.3508","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35518","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35543","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35471","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35496","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35506","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35463","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35441","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35481","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.3547","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35418","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56737"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334772","reference_id":"2334772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2334772"},{"reference_url":"https://savannah.gnu.org/bugs/?66599","reference_id":"?66599","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-31T18:16:13Z/"}],"url":"https://savannah.gnu.org/bugs/?66599"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-56737"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dn64-5ysd-yfer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66456?format=json","vulnerability_id":"VCID-gaet-924c-57dv","summary":"grub2: Use-after-free in net_set_vlan","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54770.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54770.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54770","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02629","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02519","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02605","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02617","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02767","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03981","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04023","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08462","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08442","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08427","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08378","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08458","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08405","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08467","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54770"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968","reference_id":"1120968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413813","reference_id":"2413813","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:33:53Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413813"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-54770","reference_id":"CVE-2025-54770","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:33:53Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-54770"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924483?format=json","purl":"pkg:deb/debian/grub2@2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-54770"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gaet-924c-57dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71830?format=json","vulnerability_id":"VCID-h2ca-d9yc-vbex","summary":"grub2: fs/hfs: Integer overflow may lead to heap based out-of-bounds write","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1125.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1125.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1125","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19232","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19709","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19484","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19496","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19388","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19379","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1934","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19757","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19482","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19561","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19613","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19617","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19569","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19476","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1125"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346138","reference_id":"2346138","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:11:35Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346138"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-1125","reference_id":"CVE-2025-1125","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:11:35Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-1125"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:11:35Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-1125"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2ca-d9yc-vbex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71829?format=json","vulnerability_id":"VCID-hn4b-sdcq-j3bx","summary":"grub2: commands/dump: The dump command is not in lockdown when secure boot is enabled","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1118.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1118.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1118","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03929","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0392","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03941","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03947","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0397","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03921","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03892","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03871","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03881","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04819","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04816","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04723","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0476","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04796","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1118"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346137","reference_id":"2346137","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346137"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-1118","reference_id":"CVE-2025-1118","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-1118"},{"reference_url":"https://git.savannah.gnu.org/cgit/grub.git/commit/?id=34824806ac6302f91e8cabaa41308eaced25725f","reference_id":"?id=34824806ac6302f91e8cabaa41308eaced25725f","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/"}],"url":"https://git.savannah.gnu.org/cgit/grub.git/commit/?id=34824806ac6302f91e8cabaa41308eaced25725f"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16154","reference_id":"RHSA-2025:16154","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T17:23:06Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:16154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-1118"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hn4b-sdcq-j3bx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71824?format=json","vulnerability_id":"VCID-nphq-62t2-b7bk","summary":"grub2: reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0684.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0684.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0684","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07096","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.06999","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07115","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07121","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07081","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07052","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07032","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07086","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07117","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07116","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07105","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07095","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07031","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07016","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07148","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0684"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346119","reference_id":"2346119","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:14:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346119"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0684","reference_id":"CVE-2025-0684","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:14:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0684"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0684"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nphq-62t2-b7bk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71819?format=json","vulnerability_id":"VCID-pjq7-bxwk-uqec","summary":"grub2: fs/hfs+: refcount can be decremented twice","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45783.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45783","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03792","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03784","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03787","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03836","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03707","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03718","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03732","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03735","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03758","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03717","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03694","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03668","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03645","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03655","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03777","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345863","reference_id":"2345863","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:27Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345863"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45783","reference_id":"CVE-2024-45783","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:27Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6990","reference_id":"RHSA-2025:6990","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T14:42:27Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45783"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pjq7-bxwk-uqec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71833?format=json","vulnerability_id":"VCID-s86w-7czc-s3a9","summary":"grub2: reader/jpeg: Heap OOB Write during JPEG parsing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45774.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45774.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45774","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00157","published_at":"2026-05-05T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00156","published_at":"2026-04-18T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00155","published_at":"2026-04-13T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00154","published_at":"2026-04-08T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00158","published_at":"2026-04-21T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.0016","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45774"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337461","reference_id":"2337461","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T18:54:05Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337461"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45774","reference_id":"CVE-2024-45774","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T18:54:05Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45774"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T18:54:05Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6990","reference_id":"RHSA-2025:6990","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-18T18:54:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45774"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s86w-7czc-s3a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71821?format=json","vulnerability_id":"VCID-sub1-vd8w-dka7","summary":"grub2: net: Out-of-bounds write in grub_net_search_config_file()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0624.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0624","reference_id":"","reference_type":"","scores":[{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.7394","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73893","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73982","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73973","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73917","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73888","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73923","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73936","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73958","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00793","scoring_system":"epss","scoring_elements":"0.73932","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74369","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74365","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74373","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74372","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74331","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346112","reference_id":"2346112","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346112"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8","reference_id":"cpe:/a:redhat:openshift:4.12::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el9","reference_id":"cpe:/a:redhat:openshift:4.12::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8","reference_id":"cpe:/a:redhat:openshift:4.13::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9","reference_id":"cpe:/a:redhat:openshift:4.13::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8","reference_id":"cpe:/a:redhat:openshift:4.14::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9","reference_id":"cpe:/a:redhat:openshift:4.14::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8","reference_id":"cpe:/a:redhat:openshift:4.15::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9","reference_id":"cpe:/a:redhat:openshift:4.15::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9","reference_id":"cpe:/a:redhat:openshift:4.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9","reference_id":"cpe:/a:redhat:openshift:4.17::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9","reference_id":"cpe:/a:redhat:openshift:4.18::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_eus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0624","reference_id":"CVE-2025-0624","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2521","reference_id":"RHSA-2025:2521","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2653","reference_id":"RHSA-2025:2653","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2655","reference_id":"RHSA-2025:2655","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2675","reference_id":"RHSA-2025:2675","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2784","reference_id":"RHSA-2025:2784","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2799","reference_id":"RHSA-2025:2799","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2867","reference_id":"RHSA-2025:2867","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2869","reference_id":"RHSA-2025:2869","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3367","reference_id":"RHSA-2025:3367","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3396","reference_id":"RHSA-2025:3396","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3780","reference_id":"RHSA-2025:3780","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4422","reference_id":"RHSA-2025:4422","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:4422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7702","reference_id":"RHSA-2025:7702","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-19T03:55:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7702"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0624"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sub1-vd8w-dka7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69737?format=json","vulnerability_id":"VCID-swtj-9pmu-4ugn","summary":"grub2: grub allow access to encrypted device through CLI once root device is unlocked via TPM","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4382.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4382.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4382","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21899","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22328","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22207","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22161","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22021","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22007","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21994","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22373","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22157","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.2224","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22293","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22313","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22271","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22212","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22213","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4382"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105108","reference_id":"1105108","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105108"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364416","reference_id":"2364416","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364416"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-4382","reference_id":"CVE-2025-4382","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-4382"},{"reference_url":"https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=blobdiff;f=grub-core/kern/rescue_reader.c;h=a71ada8fb7da2eae6ee7135fe234fb1755ca78b0;hp=4259857ba9eea45446bc40ea13c3de4ab1b88ffd;hb=c448f511e74cb7c776b314fcb7943f98d3f22b6d;hpb=4abac0ad5a7914dd3cdfff08aaac06588bf98d80","reference_id":"rescue_reader.c;h=a71ada8fb7da2eae6ee7135fe234fb1755ca78b0;hp=4259857ba9eea45446bc40ea13c3de4ab1b88ffd;hb=c448f511e74cb7c776b314fcb7943f98d3f22b6d;hpb=4abac0ad5a7914dd3cdfff08aaac06588bf98d80","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/"}],"url":"https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=blobdiff;f=grub-core/kern/rescue_reader.c;h=a71ada8fb7da2eae6ee7135fe234fb1755ca78b0;hp=4259857ba9eea45446bc40ea13c3de4ab1b88ffd;hb=c448f511e74cb7c776b314fcb7943f98d3f22b6d;hpb=4abac0ad5a7914dd3cdfff08aaac06588bf98d80"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-4382"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swtj-9pmu-4ugn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71823?format=json","vulnerability_id":"VCID-tkur-tbms-zkcz","summary":"grub2: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0678.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0678.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0678","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07517","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07511","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07585","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07562","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07529","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07551","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07533","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07592","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0761","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07598","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07584","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07509","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07496","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07638","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346118","reference_id":"2346118","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:15:54Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346118"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0678","reference_id":"CVE-2025-0678","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:15:54Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0678"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0678"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tkur-tbms-zkcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66460?format=json","vulnerability_id":"VCID-ur99-cm1x-cfdm","summary":"grub2: Missing unregister call for normal commands may lead to use-after-free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61663.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61663.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61663","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05204","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05056","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05277","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05235","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0531","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06324","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06303","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08943","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08968","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08934","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08921","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08867","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08935","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08884","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08972","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61663"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968","reference_id":"1120968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414684","reference_id":"2414684","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:27:28Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414684"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-61663","reference_id":"CVE-2025-61663","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:27:28Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-61663"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924483?format=json","purl":"pkg:deb/debian/grub2@2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61663"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ur99-cm1x-cfdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66458?format=json","vulnerability_id":"VCID-wy3p-p9zf-r7ef","summary":"grub2: grub2: Out-of-bounds write via malicious USB device","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61661.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61661.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61661","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06666","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06514","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06689","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06676","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06892","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07467","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07474","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1179","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11853","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11814","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11787","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11707","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11921","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11876","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11843","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61661"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61661","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61661"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968","reference_id":"1120968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120968"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413827","reference_id":"2413827","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:18:04Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413827"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-61661","reference_id":"CVE-2025-61661","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:18:04Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-61661"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924483?format=json","purl":"pkg:deb/debian/grub2@2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61661"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wy3p-p9zf-r7ef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71816?format=json","vulnerability_id":"VCID-x57b-4ggt-5qdf","summary":"grub2: fs/tar: Integer Overflow causes Heap OOB Write","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45780.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45780.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45780","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06453","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06236","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06385","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06424","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06434","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06226","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06207","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06281","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06266","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06225","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45780"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45780"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345856","reference_id":"2345856","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:07:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345856"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45780","reference_id":"CVE-2024-45780","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:07:37Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45780"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-03T15:07:37Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45780"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x57b-4ggt-5qdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71818?format=json","vulnerability_id":"VCID-xamt-2k26-p3ev","summary":"grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45782.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45782","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00911","published_at":"2026-04-29T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00909","published_at":"2026-04-21T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00912","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00916","published_at":"2026-04-26T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00866","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00868","published_at":"2026-04-07T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00872","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0087","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00859","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00852","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00854","published_at":"2026-04-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00853","published_at":"2026-04-16T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0086","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45782"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345858","reference_id":"2345858","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:16:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345858"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45782","reference_id":"CVE-2024-45782","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:16:37Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45782"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45782"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xamt-2k26-p3ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71815?format=json","vulnerability_id":"VCID-xjtf-q3gz-7ug8","summary":"grub2: fs/bfs: Integer overflow leads to Heap OOB Read in the BFS parser","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45779.json","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45779.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45779","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0407","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03923","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04045","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0406","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04079","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04112","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03954","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03969","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03982","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03976","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0396","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0393","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03911","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45779"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345854","reference_id":"2345854","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T15:05:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345854"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45779","reference_id":"CVE-2024-45779","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T15:05:17Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45779"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-03T15:05:17Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45779"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xjtf-q3gz-7ug8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71826?format=json","vulnerability_id":"VCID-ymw1-gk3r-kfhz","summary":"grub2: romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dat","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0686.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0686.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0686","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17816","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18329","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18023","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17962","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18384","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18085","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18169","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18223","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18227","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1818","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18129","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18073","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18116","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0686"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346121","reference_id":"2346121","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:11:43Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346121"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-0686","reference_id":"CVE-2025-0686","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T16:11:43Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-0686"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2025-0686"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymw1-gk3r-kfhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71817?format=json","vulnerability_id":"VCID-yw2r-4rr8-pkfd","summary":"grub2: fs/ufs: OOB write in the heap","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45781.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45781.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45781","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06453","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06424","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06434","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06226","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06207","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0629","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06281","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06266","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06225","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06236","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06385","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45781"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319","reference_id":"1098319","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345857","reference_id":"2345857","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:23Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345857"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-45781","reference_id":"CVE-2024-45781","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:23Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-45781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16154","reference_id":"RHSA-2025:16154","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:23Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:16154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6990","reference_id":"RHSA-2025:6990","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:43:23Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924482?format=json","purl":"pkg:deb/debian/grub2@2.12-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-45781"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yw2r-4rr8-pkfd"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61371?format=json","vulnerability_id":"VCID-1a1n-tuft-ufhy","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14309.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14309","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.135","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13719","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13594","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1391","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13711","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13794","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13844","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13813","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13777","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13729","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13639","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13636","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13708","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14639","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1459","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852022","reference_id":"1852022","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852022"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924473?format=json","purl":"pkg:deb/debian/grub2@2.04-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-14309"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1a1n-tuft-ufhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90645?format=json","vulnerability_id":"VCID-26tq-2zsm-67fz","summary":"A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4577.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4577.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4577","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36245","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36436","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36469","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36352","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36373","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36379","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36344","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36322","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36364","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36347","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36293","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36061","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36031","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.35944","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.35828","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4577"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632598","reference_id":"632598","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924469?format=json","purl":"pkg:deb/debian/grub2@2.00-20?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.00-20%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2013-4577"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26tq-2zsm-67fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56074?format=json","vulnerability_id":"VCID-29d7-asmu-e7ev","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3981.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3981.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3981","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06521","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06586","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06621","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.066","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06649","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06692","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06684","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06675","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06604","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06596","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06754","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06736","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06745","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06768","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3981"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001414","reference_id":"1001414","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001414"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2024170","reference_id":"2024170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2024170"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2110","reference_id":"RHSA-2022:2110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2110"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924477?format=json","purl":"pkg:deb/debian/grub2@2.06-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2021-3981"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29d7-asmu-e7ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56073?format=json","vulnerability_id":"VCID-2f6m-msj2-2fgy","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3697.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3697","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20483","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20827","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20774","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20765","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20757","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20589","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20942","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20716","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20793","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20854","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21106","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21234","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21103","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3697"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991687","reference_id":"1991687","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991687"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924476?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924475?format=json","purl":"pkg:deb/debian/grub2@2.06-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2021-3697"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2f6m-msj2-2fgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60837?format=json","vulnerability_id":"VCID-33ec-pjax-nkak","summary":"Multiple vulnerabilities have been discoverd in GRUB, which may lead to secure boot circumvention or code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3775.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3775","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23168","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23205","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2311","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23124","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23116","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23732","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23513","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23584","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23851","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24013","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24002","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23961","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138880","reference_id":"2138880","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2138880"},{"reference_url":"https://security.gentoo.org/glsa/202311-14","reference_id":"GLSA-202311-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202311-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8494","reference_id":"RHSA-2022:8494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8800","reference_id":"RHSA-2022:8800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8978","reference_id":"RHSA-2022:8978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0047","reference_id":"RHSA-2023:0047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0048","reference_id":"RHSA-2023:0048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0049","reference_id":"RHSA-2023:0049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0752","reference_id":"RHSA-2023:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0752"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924479?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924478?format=json","purl":"pkg:deb/debian/grub2@2.06-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3775"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-33ec-pjax-nkak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84248?format=json","vulnerability_id":"VCID-428v-jh9w-g3g6","summary":"grub2: Stack exhaustion in grub_ext2_read_block","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9763.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9763","reference_id":"","reference_type":"","scores":[{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80082","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80225","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80197","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80211","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80097","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80127","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80133","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80152","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80128","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80158","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80162","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80189","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9763"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:N/I:N/A:C"},{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463361","reference_id":"1463361","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463361"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869423","reference_id":"869423","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869423"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924472?format=json","purl":"pkg:deb/debian/grub2@2.02~beta2-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.02~beta2-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9763"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-428v-jh9w-g3g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77850?format=json","vulnerability_id":"VCID-4nrc-eeyb-uqaz","summary":"grub2: bypass the GRUB password protection feature","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4001.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4001.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4001","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08962","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08934","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09087","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09129","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09077","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09047","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11035","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1086","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10991","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10799","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10973","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4001"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2224951","reference_id":"2224951","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-22T19:43:22Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2224951"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.0::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-4001","reference_id":"CVE-2023-4001","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-22T19:43:22Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-4001"},{"reference_url":"https://dfir.ru/2024/01/15/cve-2023-4001-a-vulnerability-in-the-downstream-grub-boot-manager/","reference_id":"cve-2023-4001-a-vulnerability-in-the-downstream-grub-boot-manager","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-22T19:43:22Z/"}],"url":"https://dfir.ru/2024/01/15/cve-2023-4001-a-vulnerability-in-the-downstream-grub-boot-manager/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0437","reference_id":"RHSA-2024:0437","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-22T19:43:22Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0456","reference_id":"RHSA-2024:0456","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-22T19:43:22Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0468","reference_id":"RHSA-2024:0468","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-22T19:43:22Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0468"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2023-4001"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4nrc-eeyb-uqaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56077?format=json","vulnerability_id":"VCID-6jes-p579-uyg3","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28735.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28735.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28735","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04857","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04617","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04642","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04654","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04674","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04657","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04624","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04632","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04861","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05046","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05005","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04973","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28735","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:20:44Z/"}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28735"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001057","reference_id":"1001057","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001057"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2090857","reference_id":"2090857","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2090857"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/06/07/5","reference_id":"5","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:20:44Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/06/07/5"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230825-0002/","reference_id":"ntap-20230825-0002","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:20:44Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230825-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924476?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924475?format=json","purl":"pkg:deb/debian/grub2@2.06-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2022-28735"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6jes-p579-uyg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61382?format=json","vulnerability_id":"VCID-744c-pb2n-5kf4","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20225.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20225.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20225","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21354","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21485","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21473","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21446","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21389","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21385","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21392","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21359","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.2152","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21579","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21334","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21412","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22447","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22554","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22545","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22544","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924696","reference_id":"1924696","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924696"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924474?format=json","purl":"pkg:deb/debian/grub2@2.04-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2021-20225"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-744c-pb2n-5kf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72802?format=json","vulnerability_id":"VCID-7m7x-bjrn-fkgg","summary":"grub2: grub2 allows bypassing TPM-bound disk encryption on SL(E)M encrypted Images","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49504.json","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-49504.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49504","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20843","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25363","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25532","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25525","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25477","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25823","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25593","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25666","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25712","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25724","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25682","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25626","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.2561","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25582","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49504"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2325913","reference_id":"2325913","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2325913"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49504","reference_id":"show_bug.cgi?id=CVE-2024-49504","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-13T18:31:10Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49504"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-49504"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7m7x-bjrn-fkgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61381?format=json","vulnerability_id":"VCID-8axp-fasm-8ka4","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27779.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27779.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27779","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0363","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03492","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03618","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03625","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03629","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03579","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03581","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03603","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03559","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0353","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03505","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0348","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05398","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05431","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05358","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900698","reference_id":"1900698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900698"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924474?format=json","purl":"pkg:deb/debian/grub2@2.04-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-27779"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8axp-fasm-8ka4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78044?format=json","vulnerability_id":"VCID-8kh4-ym2x-k3he","summary":"grub2: out-of-bounds read at fs/ntfs.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4693.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4693","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01177","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00935","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00939","published_at":"2026-04-07T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00942","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00938","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00927","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00922","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00924","published_at":"2026-04-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0092","published_at":"2026-04-16T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00928","published_at":"2026-04-18T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00979","published_at":"2026-04-21T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00981","published_at":"2026-04-24T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00985","published_at":"2026-04-26T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00978","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238343","reference_id":"2238343","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2456","reference_id":"RHSA-2024:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3184","reference_id":"RHSA-2024:3184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3184"},{"reference_url":"https://usn.ubuntu.com/6410-1/","reference_id":"USN-6410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6410-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924480?format=json","purl":"pkg:deb/debian/grub2@2.12~rc1-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12~rc1-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2023-4693"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8kh4-ym2x-k3he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56071?format=json","vulnerability_id":"VCID-8zje-6cet-h3a4","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3695.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3695","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18734","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18368","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18737","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18687","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18635","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18495","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18925","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18645","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18724","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18779","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18783","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19016","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19135","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19028","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3695"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991685","reference_id":"1991685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991685"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924476?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924475?format=json","purl":"pkg:deb/debian/grub2@2.06-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2021-3695"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zje-6cet-h3a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56075?format=json","vulnerability_id":"VCID-9dkn-kkgd-37ce","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28733.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28733.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28733","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28635","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29258","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29308","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2912","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29185","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29226","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29231","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29133","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29158","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29135","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28784","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29363","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2957","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29477","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:49:29Z/"}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28733"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083339","reference_id":"2083339","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2083339"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/06/07/5","reference_id":"5","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:49:29Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/06/07/5"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230825-0002/","reference_id":"ntap-20230825-0002","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T19:49:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230825-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5678","reference_id":"RHSA-2022:5678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8900","reference_id":"RHSA-2022:8900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8900"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924476?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924475?format=json","purl":"pkg:deb/debian/grub2@2.06-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2022-28733"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9dkn-kkgd-37ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78043?format=json","vulnerability_id":"VCID-9mut-ye1e-pbdx","summary":"grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4692.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4692","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.0019","published_at":"2026-05-05T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00161","published_at":"2026-04-02T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00163","published_at":"2026-04-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00165","published_at":"2026-04-16T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00164","published_at":"2026-04-13T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00166","published_at":"2026-04-29T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00168","published_at":"2026-04-21T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.0017","published_at":"2026-04-24T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00169","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4693"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236613","reference_id":"2236613","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236613"},{"reference_url":"https://seclists.org/oss-sec/2023/q4/37","reference_id":"37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://seclists.org/oss-sec/2023/q4/37"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-4692","reference_id":"CVE-2023-4692","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-4692"},{"reference_url":"https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/","reference_id":"cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/"},{"reference_url":"https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2456","reference_id":"RHSA-2024:2456","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3184","reference_id":"RHSA-2024:3184","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:23:06Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3184"},{"reference_url":"https://usn.ubuntu.com/6410-1/","reference_id":"USN-6410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6410-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924480?format=json","purl":"pkg:deb/debian/grub2@2.12~rc1-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12~rc1-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2023-4692"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mut-ye1e-pbdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85449?format=json","vulnerability_id":"VCID-ctvs-7qdg-ebh3","summary":"grub2: modules built in on EFI builds that allow loading arbitrary code, circumventing secure boot","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172611.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172611.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172942.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172942.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2401.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2401.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5281.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5281","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18478","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18852","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18987","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19039","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18763","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18844","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18895","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.189","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18802","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18752","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18764","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18783","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1867","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18648","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18604","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5281"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/77983","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/77983"},{"reference_url":"http://www.securitytracker.com/id/1034198","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034198"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264103","reference_id":"1264103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264103"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5281","reference_id":"CVE-2015-5281","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2401","reference_id":"RHSA-2015:2401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2401"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2015-5281"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ctvs-7qdg-ebh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61377?format=json","vulnerability_id":"VCID-dee9-zb16-sbeb","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15707.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15707.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15707","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09113","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09118","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0917","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09094","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09174","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09205","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09207","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09176","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09162","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09056","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09035","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09193","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09238","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09181","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09155","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09066","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15707"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861581","reference_id":"1861581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861581"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924473?format=json","purl":"pkg:deb/debian/grub2@2.04-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-15707"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dee9-zb16-sbeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61372?format=json","vulnerability_id":"VCID-eek6-ufv4-kydb","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14310.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14310.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14310","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16642","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16834","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16816","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16771","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1716","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16938","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17026","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17085","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1706","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17013","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16953","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1689","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16893","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1693","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.18735","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852030","reference_id":"1852030","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852030"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924473?format=json","purl":"pkg:deb/debian/grub2@2.04-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-14310"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eek6-ufv4-kydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61383?format=json","vulnerability_id":"VCID-f6ad-7qb1-9bcd","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20233.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20233","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38614","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38769","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38756","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38732","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38751","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38729","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.3865","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38744","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38766","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38695","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38745","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40259","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40497","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40484","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40401","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926263","reference_id":"1926263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926263"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924474?format=json","purl":"pkg:deb/debian/grub2@2.04-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2021-20233"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f6ad-7qb1-9bcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56076?format=json","vulnerability_id":"VCID-g3tz-5rzv-wkgk","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28734.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28734.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28734","reference_id":"","reference_type":"","scores":[{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.3177","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32062","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31897","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34367","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34396","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34399","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34359","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34336","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.3437","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34357","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33721","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34429","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34457","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34324","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33841","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28734"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28734","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28734"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2090463","reference_id":"2090463","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2090463"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924476?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924475?format=json","purl":"pkg:deb/debian/grub2@2.06-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2022-28734"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3tz-5rzv-wkgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60836?format=json","vulnerability_id":"VCID-gjbg-nve3-m3gy","summary":"Multiple vulnerabilities have been discoverd in GRUB, which may lead to secure boot circumvention or code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2601.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2601","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19708","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19757","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19481","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1956","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19613","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19617","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19569","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1951","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19275","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2065","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20648","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20491","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.20999","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21128","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21004","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112975","reference_id":"2112975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112975"},{"reference_url":"https://security.gentoo.org/glsa/202311-14","reference_id":"GLSA-202311-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202311-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8494","reference_id":"RHSA-2022:8494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8800","reference_id":"RHSA-2022:8800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8978","reference_id":"RHSA-2022:8978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0047","reference_id":"RHSA-2023:0047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0048","reference_id":"RHSA-2023:0048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0049","reference_id":"RHSA-2023:0049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0752","reference_id":"RHSA-2023:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2002","reference_id":"RHSA-2024:2002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924479?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924478?format=json","purl":"pkg:deb/debian/grub2@2.06-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2601"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gjbg-nve3-m3gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81804?format=json","vulnerability_id":"VCID-gjnt-nd6z-v3hf","summary":"grub2: grub2-set-bootflag utility causes grubenv corruption rendering the system non-bootable","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14865.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14865.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14865","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11329","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11467","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11527","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11312","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11394","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11452","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11457","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11424","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11395","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11257","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11258","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11386","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11326","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11283","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1122","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11155","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764925","reference_id":"1764925","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0335","reference_id":"RHSA-2020:0335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0335"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2019-14865"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gjnt-nd6z-v3hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/263111?format=json","vulnerability_id":"VCID-hn7g-vvzw-c7g5","summary":"A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46705","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13204","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13305","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13166","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13246","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13296","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13264","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13225","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13174","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13076","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13075","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1317","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13177","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13146","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13049","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12957","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46705"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2021-46705"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hn7g-vvzw-c7g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61375?format=json","vulnerability_id":"VCID-kf2m-fx4q-wbhz","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15705.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15705","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06531","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06476","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06497","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06509","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06315","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06297","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06344","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06384","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06376","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06361","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06299","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06312","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0646","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09259","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09257","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15705"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860978","reference_id":"1860978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860978"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-15705"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kf2m-fx4q-wbhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61380?format=json","vulnerability_id":"VCID-m4y5-twzm-dqcw","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27749.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27749","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1402","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13745","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1393","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13862","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14102","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13966","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14049","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14101","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14046","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14008","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13957","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13857","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13851","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13922","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1899966","reference_id":"1899966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1899966"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924474?format=json","purl":"pkg:deb/debian/grub2@2.04-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-27749"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m4y5-twzm-dqcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61379?format=json","vulnerability_id":"VCID-m5vd-4m54-6ygc","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25647.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25647.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25647","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0116","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01158","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01168","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01174","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01175","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01153","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01449","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01461","published_at":"2026-04-02T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00917","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00858","published_at":"2026-04-16T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0092","published_at":"2026-04-26T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00915","published_at":"2026-04-29T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00913","published_at":"2026-04-21T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00916","published_at":"2026-04-24T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00865","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1886936","reference_id":"1886936","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1886936"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924474?format=json","purl":"pkg:deb/debian/grub2@2.04-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-25647"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5vd-4m54-6ygc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56072?format=json","vulnerability_id":"VCID-nn2e-jq31-n7bc","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3696.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3696","reference_id":"","reference_type":"","scores":[{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29993","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29457","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29949","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.299","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29917","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29897","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29599","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30033","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.3008","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29893","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29954","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.2999","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30138","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30313","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30252","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3696"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991686","reference_id":"1991686","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1991686"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924476?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924475?format=json","purl":"pkg:deb/debian/grub2@2.06-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2021-3696"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nn2e-jq31-n7bc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80547?format=json","vulnerability_id":"VCID-nu7m-84c3-uyfu","summary":"grub2: grub 2.05 reintroduced CVE-2020-15705","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3418.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3418.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3418","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20164","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20016","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20384","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20522","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2049","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20888","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20601","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20678","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20738","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20757","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20715","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20663","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20649","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20638","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20526","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3418"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1933757","reference_id":"1933757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1933757"},{"reference_url":"https://security.archlinux.org/AVG-1630","reference_id":"AVG-1630","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1630"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2021-3418"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nu7m-84c3-uyfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77759?format=json","vulnerability_id":"VCID-nyx2-qahu-w7f1","summary":"grub2: grub2-set-bootflag can be abused by local (pseudo-)users","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1048.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1048.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1048","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01144","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01076","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01071","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01064","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01073","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01138","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01079","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01081","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01086","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01092","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01091","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1048"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256827","reference_id":"2256827","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-26T20:13:20Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256827"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/02/06/3","reference_id":"3","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-26T20:13:20Z/"}],"url":"https://www.openwall.com/lists/oss-security/2024/02/06/3"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-1048","reference_id":"CVE-2024-1048","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-26T20:13:20Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-1048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2456","reference_id":"RHSA-2024:2456","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-26T20:13:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3184","reference_id":"RHSA-2024:3184","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-26T20:13:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3184"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-1048"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyx2-qahu-w7f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61376?format=json","vulnerability_id":"VCID-p4uv-kcsu-fqbr","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15706.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15706.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15706","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16186","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16431","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16228","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16314","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16378","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1636","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1632","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16253","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16189","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16207","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16245","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16136","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16133","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16094","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15973","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861118","reference_id":"1861118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861118"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924473?format=json","purl":"pkg:deb/debian/grub2@2.04-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-15706"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p4uv-kcsu-fqbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76948?format=json","vulnerability_id":"VCID-psu8-3m29-7udp","summary":"grub2: grub-efi crashes upon `exit`","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2312.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2312","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05746","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05539","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05489","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05499","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05696","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05739","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05491","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05526","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05525","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05562","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05586","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05559","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05546","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127","reference_id":"2054127","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-21T15:39:12Z/"}],"url":"https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273912","reference_id":"2273912","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312","reference_id":"cvename.cgi?name=CVE-2024-2312","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-21T15:39:12Z/"}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2312"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0003/","reference_id":"ntap-20240426-0003","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-21T15:39:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0003/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924470?format=json","purl":"pkg:deb/debian/grub2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924481?format=json","purl":"pkg:deb/debian/grub2@2.12-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2024-2312"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-psu8-3m29-7udp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87996?format=json","vulnerability_id":"VCID-pyp5-qjk4-7bc3","summary":"grub2: Improper password checking","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4128.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4128.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4128","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11905","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12064","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11868","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11951","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12003","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12012","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11975","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11948","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11818","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11815","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11932","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11903","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11789","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11708","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4128"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=543153","reference_id":"543153","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=543153"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555195","reference_id":"555195","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555195"},{"reference_url":"https://usn.ubuntu.com/868-1/","reference_id":"USN-868-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/868-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924464?format=json","purl":"pkg:deb/debian/grub2@1.97%2B20091115-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@1.97%252B20091115-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2009-4128"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pyp5-qjk4-7bc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61374?format=json","vulnerability_id":"VCID-uqg4-wh5j-6ud1","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14372.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14372.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14372","reference_id":"","reference_type":"","scores":[{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83261","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83199","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83221","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83229","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83236","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83121","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83145","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83153","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83162","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83158","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83195","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01884","scoring_system":"epss","scoring_elements":"0.83196","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02096","scoring_system":"epss","scoring_elements":"0.83992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02096","scoring_system":"epss","scoring_elements":"0.83978","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873150","reference_id":"1873150","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873150"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924474?format=json","purl":"pkg:deb/debian/grub2@2.04-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-14372"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqg4-wh5j-6ud1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61378?format=json","vulnerability_id":"VCID-v98w-vw6u-dyb3","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25632.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25632.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25632","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05386","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05157","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0516","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05313","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05351","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05393","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.061","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06141","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06131","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06127","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0612","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06078","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0606","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06945","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06841","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879577","reference_id":"1879577","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879577"},{"reference_url":"https://security.archlinux.org/ASA-202106-43","reference_id":"ASA-202106-43","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-43"},{"reference_url":"https://security.archlinux.org/AVG-1629","reference_id":"AVG-1629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1629"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0696","reference_id":"RHSA-2021:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0697","reference_id":"RHSA-2021:0697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0698","reference_id":"RHSA-2021:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0699","reference_id":"RHSA-2021:0699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0700","reference_id":"RHSA-2021:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0701","reference_id":"RHSA-2021:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0702","reference_id":"RHSA-2021:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0703","reference_id":"RHSA-2021:0703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0704","reference_id":"RHSA-2021:0704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1734","reference_id":"RHSA-2021:1734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2566","reference_id":"RHSA-2021:2566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2790","reference_id":"RHSA-2021:2790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3675","reference_id":"RHSA-2021:3675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3675"},{"reference_url":"https://usn.ubuntu.com/4992-1/","reference_id":"USN-4992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4992-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924474?format=json","purl":"pkg:deb/debian/grub2@2.04-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-25632"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v98w-vw6u-dyb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61370?format=json","vulnerability_id":"VCID-vuj2-9dc2-bbhv","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14308.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14308","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09779","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0985","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.099","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09798","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0987","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09922","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09928","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09891","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09875","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09758","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0973","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09927","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09893","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09851","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09768","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852009","reference_id":"1852009","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852009"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924473?format=json","purl":"pkg:deb/debian/grub2@2.04-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-14308"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vuj2-9dc2-bbhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61369?format=json","vulnerability_id":"VCID-wenh-wyf1-m3c1","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10713.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10713.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10713","reference_id":"","reference_type":"","scores":[{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49207","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49238","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49266","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49218","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49272","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49269","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.4926","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49265","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49312","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49309","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49278","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49267","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49275","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49234","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49149","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825243","reference_id":"1825243","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825243"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4115","reference_id":"RHSA-2020:4115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4172","reference_id":"RHSA-2020:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4172"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924473?format=json","purl":"pkg:deb/debian/grub2@2.04-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-10713"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wenh-wyf1-m3c1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48448?format=json","vulnerability_id":"VCID-wju5-h4aq-e7ag","summary":"GRUB's authentication prompt can be bypassed by entering a sequence\n    of backspace characters.","references":[{"reference_url":"http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173703.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173703.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174049.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174049.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00041.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00041.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00043.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00043.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00044.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00044.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00003.html"},{"reference_url":"http://packetstormsecurity.com/files/134831/Grub2-Authentication-Bypass.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://packetstormsecurity.com/files/134831/Grub2-Authentication-Bypass.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2623.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2623.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8370.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8370.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8370","reference_id":"","reference_type":"","scores":[{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89815","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89738","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89753","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89754","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89772","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89778","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89785","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89783","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89776","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89792","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89786","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89801","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89802","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05055","scoring_system":"epss","scoring_elements":"0.89735","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370"},{"reference_url":"http://seclists.org/fulldisclosure/2015/Dec/69","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://seclists.org/fulldisclosure/2015/Dec/69"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2015/dsa-3421","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.debian.org/security/2015/dsa-3421"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/15/6","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/12/15/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/15/3","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/15/3"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/archive/1/537115/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.securityfocus.com/archive/1/537115/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/79358","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.securityfocus.com/bid/79358"},{"reference_url":"http://www.securitytracker.com/id/1034422","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.securitytracker.com/id/1034422"},{"reference_url":"http://www.ubuntu.com/usn/USN-2836-1","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"http://www.ubuntu.com/usn/USN-2836-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1286966","reference_id":"1286966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1286966"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807614","reference_id":"807614","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807614"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:1.98:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:1.98:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:1.98:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:1.99:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:1.99:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:1.99:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.00:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:2.00:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.00:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:2.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:grub2:2.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:grub2:2.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8370","reference_id":"CVE-2015-8370","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8370"},{"reference_url":"https://security.gentoo.org/glsa/201512-03","reference_id":"GLSA-201512-03","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-06T21:01:48Z/"}],"url":"https://security.gentoo.org/glsa/201512-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2623","reference_id":"RHSA-2015:2623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2623"},{"reference_url":"https://usn.ubuntu.com/2836-1/","reference_id":"USN-2836-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2836-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924471?format=json","purl":"pkg:deb/debian/grub2@2.02~beta2-33?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.02~beta2-33%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8370"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wju5-h4aq-e7ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56078?format=json","vulnerability_id":"VCID-wp1a-2ueg-mych","summary":"Multiple vulnerabilities have been discovered in GRUB, the worst of which may allow for secureboot bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28736.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28736","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.091","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09147","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.092","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09124","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09204","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09233","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09236","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0919","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09085","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09066","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09188","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09558","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09545","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09592","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28736","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T18:53:03Z/"}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28736"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2092613","reference_id":"2092613","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2092613"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/06/07/5","reference_id":"5","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T18:53:03Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/06/07/5"},{"reference_url":"https://security.archlinux.org/AVG-2762","reference_id":"AVG-2762","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2762"},{"reference_url":"https://security.gentoo.org/glsa/202209-12","reference_id":"GLSA-202209-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230825-0002/","reference_id":"ntap-20230825-0002","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-24T18:53:03Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230825-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5095","reference_id":"RHSA-2022:5095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5096","reference_id":"RHSA-2022:5096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5098","reference_id":"RHSA-2022:5098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5099","reference_id":"RHSA-2022:5099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5100","reference_id":"RHSA-2022:5100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5100"},{"reference_url":"https://usn.ubuntu.com/6355-1/","reference_id":"USN-6355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6355-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924476?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924475?format=json","purl":"pkg:deb/debian/grub2@2.06-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2022-28736"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wp1a-2ueg-mych"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61373?format=json","vulnerability_id":"VCID-zqvy-2txw-9uhz","summary":"Multiple vulnerabilities have been found in GRUB, the worst might\n    allow for circumvention of UEFI Secure Boot.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14311.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14311.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14311","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09061","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09065","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09118","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09037","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09117","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09147","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09115","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.091","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.08996","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.08975","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09132","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09173","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09116","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09087","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09003","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15707"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852014","reference_id":"1852014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852014"},{"reference_url":"https://security.gentoo.org/glsa/202104-05","reference_id":"GLSA-202104-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3216","reference_id":"RHSA-2020:3216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3217","reference_id":"RHSA-2020:3217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3223","reference_id":"RHSA-2020:3223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3227","reference_id":"RHSA-2020:3227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3271","reference_id":"RHSA-2020:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3273","reference_id":"RHSA-2020:3273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3274","reference_id":"RHSA-2020:3274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3275","reference_id":"RHSA-2020:3275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3276","reference_id":"RHSA-2020:3276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3276"},{"reference_url":"https://usn.ubuntu.com/4432-1/","reference_id":"USN-4432-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4432-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/924473?format=json","purl":"pkg:deb/debian/grub2@2.04-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.04-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924465?format=json","purl":"pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-29d7-asmu-e7ev"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924463?format=json","purl":"pkg:deb/debian/grub2@2.06-13%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-1vtj-un1a-afax"},{"vulnerability":"VCID-3vhv-ya75-cuhc"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-5a7e-ctj7-dqab"},{"vulnerability":"VCID-5m3u-p8q4-kfhx"},{"vulnerability":"VCID-5m6c-h4j2-mqcg"},{"vulnerability":"VCID-5vyx-ut4z-jucd"},{"vulnerability":"VCID-6cpn-v8j3-7ub3"},{"vulnerability":"VCID-6tg5-6gjc-nygy"},{"vulnerability":"VCID-6vxc-35x2-3fek"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-dn64-5ysd-yfer"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-h2ca-d9yc-vbex"},{"vulnerability":"VCID-hn4b-sdcq-j3bx"},{"vulnerability":"VCID-nphq-62t2-b7bk"},{"vulnerability":"VCID-pjq7-bxwk-uqec"},{"vulnerability":"VCID-s86w-7czc-s3a9"},{"vulnerability":"VCID-sub1-vd8w-dka7"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-tkur-tbms-zkcz"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"},{"vulnerability":"VCID-x57b-4ggt-5qdf"},{"vulnerability":"VCID-xamt-2k26-p3ev"},{"vulnerability":"VCID-xjtf-q3gz-7ug8"},{"vulnerability":"VCID-ymw1-gk3r-kfhz"},{"vulnerability":"VCID-yw2r-4rr8-pkfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924468?format=json","purl":"pkg:deb/debian/grub2@2.12-9%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-swtj-9pmu-4ugn"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924466?format=json","purl":"pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tdk-6d8a-m7h8"},{"vulnerability":"VCID-53x3-83by-gueq"},{"vulnerability":"VCID-c2vg-36gb-bqas"},{"vulnerability":"VCID-gaet-924c-57dv"},{"vulnerability":"VCID-ur99-cm1x-cfdm"},{"vulnerability":"VCID-wy3p-p9zf-r7ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/924467?format=json","purl":"pkg:deb/debian/grub2@2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie"}],"aliases":["CVE-2020-14311"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zqvy-2txw-9uhz"}],"risk_score":"3.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u1%3Fdistro=trixie"}