{"id":"AZL-54683","summary":"CVE-2024-56737 affecting package grub2 for versions less than 2.06-15","details":"GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.","modified":"2026-04-01T05:18:21.645093Z","published":"2024-12-29T07:15:06Z","upstream":["CVE-2024-56737"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56737"}],"affected":[{"package":{"name":"grub2","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/grub2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.06-15"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54683.json"}}],"schema_version":"1.7.5"}