Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-mf3u-dqu5-1bfa

Summary

Aliases

alias	CVE-2025-4382

Fixed_packages

url	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
purl	pkg:deb/debian/grub2@2.12-1~bpo12%2B1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-1~bpo12%252B1

url	pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14~git20250718.0e36779-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14~git20250718.0e36779-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2?distro=trixie
purl	pkg:deb/debian/grub2@2.14-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2%3Fdistro=trixie

url	pkg:deb/debian/grub2@2.14-2
purl	pkg:deb/debian/grub2@2.14-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.14-2

Affected_packages

url pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

purl pkg:deb/debian/grub2@2.06-3~deb11u6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-19fk-tpf7-3keh

vulnerability	VCID-1cwr-bsrw-yfhs

vulnerability	VCID-2xx5-66mt-jqf4

vulnerability	VCID-3c3v-t8fw-a3bp

vulnerability	VCID-5u6c-cpn2-6ueh

vulnerability	VCID-65tq-9p6e-afe1

vulnerability	VCID-77hu-u8cr-4qg8

vulnerability	VCID-7d6c-2jmz-fkah

vulnerability	VCID-7esr-ftvb-t7dh

vulnerability	VCID-89v4-r1v3-jygv

vulnerability	VCID-aj84-4gqd-pqa3

vulnerability	VCID-c9rz-qwga-sfgd

vulnerability	VCID-e8d4-fx3j-1ud8

vulnerability	VCID-ecf6-7z9x-pqhd

vulnerability	VCID-jn6b-fmfw-eugr

vulnerability	VCID-jvfu-u9uq-y7bn

vulnerability	VCID-jzjj-9du8-57db

vulnerability	VCID-mf3u-dqu5-1bfa

vulnerability	VCID-pwm2-dz41-tfce

vulnerability	VCID-py3n-qaj2-bqdz

vulnerability	VCID-qaaw-enbz-guaa

vulnerability	VCID-rtyq-ag7v-zfe4

vulnerability	VCID-uyeg-bkhr-tkc3

vulnerability	VCID-uz42-m8vm-akeg

vulnerability	VCID-vyvj-41b9-67fg

vulnerability	VCID-wdgy-cyyp-fbgj

vulnerability	VCID-xbey-x9g3-duhq

vulnerability	VCID-yj3w-qnzb-b3ef

vulnerability	VCID-ysq1-8hgc-2qfp

vulnerability	VCID-zc2j-85t8-subn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-3~deb11u6

purl pkg:deb/debian/grub2@2.06-3~deb11u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-19fk-tpf7-3keh

vulnerability	VCID-1cwr-bsrw-yfhs

vulnerability	VCID-2xx5-66mt-jqf4

vulnerability	VCID-3c3v-t8fw-a3bp

vulnerability	VCID-5u6c-cpn2-6ueh

vulnerability	VCID-65tq-9p6e-afe1

vulnerability	VCID-77hu-u8cr-4qg8

vulnerability	VCID-7d6c-2jmz-fkah

vulnerability	VCID-7esr-ftvb-t7dh

vulnerability	VCID-89v4-r1v3-jygv

vulnerability	VCID-aj84-4gqd-pqa3

vulnerability	VCID-c9rz-qwga-sfgd

vulnerability	VCID-e8d4-fx3j-1ud8

vulnerability	VCID-ecf6-7z9x-pqhd

vulnerability	VCID-jn6b-fmfw-eugr

vulnerability	VCID-jvfu-u9uq-y7bn

vulnerability	VCID-jzjj-9du8-57db

vulnerability	VCID-mf3u-dqu5-1bfa

vulnerability	VCID-pwm2-dz41-tfce

vulnerability	VCID-py3n-qaj2-bqdz

vulnerability	VCID-qaaw-enbz-guaa

vulnerability	VCID-rtyq-ag7v-zfe4

vulnerability	VCID-uyeg-bkhr-tkc3

vulnerability	VCID-uz42-m8vm-akeg

vulnerability	VCID-vyvj-41b9-67fg

vulnerability	VCID-wdgy-cyyp-fbgj

vulnerability	VCID-xbey-x9g3-duhq

vulnerability	VCID-yj3w-qnzb-b3ef

vulnerability	VCID-ysq1-8hgc-2qfp

vulnerability	VCID-zc2j-85t8-subn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-3~deb11u6

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-19fk-tpf7-3keh

vulnerability	VCID-3c3v-t8fw-a3bp

vulnerability	VCID-e8d4-fx3j-1ud8

vulnerability	VCID-mf3u-dqu5-1bfa

vulnerability	VCID-qaaw-enbz-guaa

vulnerability	VCID-uyeg-bkhr-tkc3

vulnerability	VCID-vyvj-41b9-67fg

vulnerability	VCID-xbey-x9g3-duhq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/grub2@2.06-13%2Bdeb12u2

purl pkg:deb/debian/grub2@2.06-13%2Bdeb12u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-19fk-tpf7-3keh

vulnerability	VCID-3c3v-t8fw-a3bp

vulnerability	VCID-e8d4-fx3j-1ud8

vulnerability	VCID-mf3u-dqu5-1bfa

vulnerability	VCID-qaaw-enbz-guaa

vulnerability	VCID-uyeg-bkhr-tkc3

vulnerability	VCID-vyvj-41b9-67fg

vulnerability	VCID-xbey-x9g3-duhq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.06-13%252Bdeb12u2

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-19fk-tpf7-3keh

vulnerability	VCID-3c3v-t8fw-a3bp

vulnerability	VCID-e8d4-fx3j-1ud8

vulnerability	VCID-mf3u-dqu5-1bfa

vulnerability	VCID-qaaw-enbz-guaa

vulnerability	VCID-uyeg-bkhr-tkc3

vulnerability	VCID-vyvj-41b9-67fg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/grub2@2.12-9%2Bdeb13u2

purl pkg:deb/debian/grub2@2.12-9%2Bdeb13u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-19fk-tpf7-3keh

vulnerability	VCID-3c3v-t8fw-a3bp

vulnerability	VCID-e8d4-fx3j-1ud8

vulnerability	VCID-mf3u-dqu5-1bfa

vulnerability	VCID-qaaw-enbz-guaa

vulnerability	VCID-uyeg-bkhr-tkc3

vulnerability	VCID-vyvj-41b9-67fg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/grub2@2.12-9%252Bdeb13u2

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4382.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4382.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4382

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.22513
published_at	2026-06-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22526
published_at	2026-06-13T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.2232
published_at	2026-06-11T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22509
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4382

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4382
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4382

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105108
reference_id	1105108
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-4382

reference_id

CVE-2025-4382

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/

url

https://access.redhat.com/security/cve/CVE-2025-4382

reference_url

https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=blobdiff;f=grub-core/kern/rescue_reader.c;h=a71ada8fb7da2eae6ee7135fe234fb1755ca78b0;hp=4259857ba9eea45446bc40ea13c3de4ab1b88ffd;hb=c448f511e74cb7c776b314fcb7943f98d3f22b6d;hpb=4abac0ad5a7914dd3cdfff08aaac06588bf98d80

reference_id

rescue_reader.c;h=a71ada8fb7da2eae6ee7135fe234fb1755ca78b0;hp=4259857ba9eea45446bc40ea13c3de4ab1b88ffd;hb=c448f511e74cb7c776b314fcb7943f98d3f22b6d;hpb=4abac0ad5a7914dd3cdfff08aaac06588bf98d80

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/

url

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2364416

reference_id

show_bug.cgi?id=2364416

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-09T13:23:09Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2364416

Weaknesses

cwe_id	306
name	Missing Authentication for Critical Function
description	The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Exploits

Severity_range_score 5.9 - 5.9

Exploitability 0.5

Weighted_severity 5.3

Risk_score 2.6

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mf3u-dqu5-1bfa

Vulnerability Instance