grub2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the grub2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
L CVE-2025-0678	*
M Unchecked Return Value	*
L CVE-2025-0689	*
M Use After Free	*
M Trust Boundary Violation	*
L CVE-2025-0686	*
L CVE-2025-0685	*
L CVE-2024-45780	*
L CVE-2024-45782	*
L CVE-2025-1125	*
L CVE-2025-0684	*
M Improper Update of Reference Count	*
L CVE-2024-45778	*
L CVE-2024-45779	*
M Out-of-bounds Write	*
M Out-of-bounds Write	*
H Out-of-bounds Write	*
M CVE-2024-45781	*
L CVE-2025-0690	*
M Out-of-bounds Write	*
M Out-of-bounds Write	*
L CVE-2024-56737	*
L CVE-2024-56738	*
L CVE-2024-49504	*
H Out-of-bounds Write	<2.06-13+deb12u1
M Out-of-bounds Read	<2.06-13+deb12u1
H Out-of-bounds Write	<2.06-5
H Heap-based Buffer Overflow	<2.06-5
H CVE-2022-28735	<2.06-3
H Out-of-bounds Write	<2.06-3
H Out-of-bounds Write	<2.06-3
H Use After Free	<2.06-3
M Out-of-bounds Write	<2.06-3
H Integer Underflow	<2.06-3
M Out-of-bounds Write	<2.06-3
L Incorrect Default Permissions	<2.06-8
H Out-of-bounds Write	<2.04-16
M Out-of-bounds Write	<2.04-16
H Improper Authorization	<2.04-16
M Stack-based Buffer Overflow	<2.04-16
H Out-of-bounds Write	<2.04-16
H Use After Free	<2.04-16
H Incomplete Blacklist	<2.04-16
M Race Condition	<2.04-9
M Integer Overflow or Wraparound	<2.04-9
H Buffer Overflow	<2.04-9
M Integer Overflow or Wraparound	<2.04-9
M Integer Overflow or Wraparound	<2.04-9
M Integer Overflow or Wraparound	<2.04-9
M Race Condition	<2.04-9
L Out-of-Bounds	<2.02~beta2-8
H Access Restriction Bypass	<2.02~beta2-33
L Access Restriction Bypass	<2.00-20
H Improper Authentication	<1.97+20091115-1