shim (SUSE:OpenStack Cloud 9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 9 package shim, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2020-10713 — CVSS 8.2 (high): A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process…
CVE-2022-28737 — CVSS 6.5 (medium): There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function…