{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T08:50:16.612","vulnerabilities":[{"cve":{"id":"CVE-2025-1118","sourceIdentifier":"secalert@redhat.com","published":"2025-02-19T18:15:24.280","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory."},{"lang":"es","value":"Se encontró un defecto en Grub2. El comando de volcado de Grub no se bloquea cuando GRUB está en modo de bloqueo, lo que permite al usuario leer cualquier información de memoria, y un atacante puede aprovechar esto para extraer firmas, sales y otra información confidencial de la memoria."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-501"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:16154","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-1118","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346137","source":"secalert@redhat.com"},{"url":"https://git.savannah.gnu.org/cgit/grub.git/commit/?id=34824806ac6302f91e8cabaa41308eaced25725f","source":"secalert@redhat.com"},{"url":"https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html","source":"secalert@redhat.com"}]}}]}