Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/392327?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "type": "apk", "namespace": "alpine", "name": "librewolf", "version": "76.0-r0", "qualifiers": { "arch": "armv7", "distroversion": "v3.23", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "77.0-r0", "latest_non_vulnerable_version": "119.0-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63122?format=api", "vulnerability_id": "VCID-15mn-5hnv-w7f4", "summary": "The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.*Note: this issue only affects Firefox on Windows operating systems.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68126", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68111", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68077", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68114", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68014", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68035", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68055", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68033", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68085", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68099", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68124", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12389" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831945", "reference_id": "1831945", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831945" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12389" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-15mn-5hnv-w7f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63119?format=api", "vulnerability_id": "VCID-5666-pp89-aqc2", "summary": "The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution.*Note: this issue only affects Firefox on Windows operating systems.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65129", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65112", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65084", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.6512", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65001", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65051", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65077", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.6504", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.6509", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65103", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65122", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12393" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831946", "reference_id": "1831946", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831946" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18", "reference_id": "mfsa2020-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12393" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5666-pp89-aqc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35109?format=api", "vulnerability_id": "VCID-8hqw-tgvq-pucf", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12392.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36786", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36809", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36819", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36803", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36722", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36878", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36743", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36794", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831764", "reference_id": "1831764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831764" }, { "reference_url": "https://security.archlinux.org/ASA-202005-3", "reference_id": "ASA-202005-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-3" }, { "reference_url": "https://security.archlinux.org/ASA-202005-7", "reference_id": "ASA-202005-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-7" }, { "reference_url": "https://security.archlinux.org/AVG-1148", "reference_id": "AVG-1148", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1148" }, { "reference_url": "https://security.archlinux.org/AVG-1155", "reference_id": "AVG-1155", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1155" }, { "reference_url": "https://security.gentoo.org/glsa/202005-03", "reference_id": "GLSA-202005-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-03" }, { "reference_url": "https://security.gentoo.org/glsa/202005-04", "reference_id": "GLSA-202005-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18", "reference_id": "mfsa2020-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2031", "reference_id": "RHSA-2020:2031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2032", "reference_id": "RHSA-2020:2032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2033", "reference_id": "RHSA-2020:2033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2036", "reference_id": "RHSA-2020:2036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2037", "reference_id": "RHSA-2020:2037", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2046", "reference_id": "RHSA-2020:2046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2047", "reference_id": "RHSA-2020:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2048", "reference_id": "RHSA-2020:2048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2049", "reference_id": "RHSA-2020:2049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2050", "reference_id": "RHSA-2020:2050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2050" }, { "reference_url": "https://usn.ubuntu.com/4353-1/", "reference_id": "USN-4353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4353-1/" }, { "reference_url": "https://usn.ubuntu.com/4373-1/", "reference_id": "USN-4373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12392" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hqw-tgvq-pucf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35114?format=api", "vulnerability_id": "VCID-9c98-7zzd-p3f8", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12396.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68709", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68828", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68776", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68818", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68729", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68749", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68727", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68778", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.6882", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00576", "scoring_system": "epss", "scoring_elements": "0.68806", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12396" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834689", "reference_id": "1834689", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834689" }, { "reference_url": "https://security.archlinux.org/ASA-202005-3", "reference_id": "ASA-202005-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-3" }, { "reference_url": "https://security.archlinux.org/AVG-1148", "reference_id": "AVG-1148", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1148" }, { "reference_url": "https://security.gentoo.org/glsa/202005-04", "reference_id": "GLSA-202005-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://usn.ubuntu.com/4353-1/", "reference_id": "USN-4353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4353-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12396" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9c98-7zzd-p3f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63121?format=api", "vulnerability_id": "VCID-a68p-hcz6-jffj", "summary": "The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.*Note: this issue only affects Firefox on Windows operating systems.*", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72269", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.7223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72216", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72259", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72174", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72179", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.722", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72211", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72223", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72247", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831944", "reference_id": "1831944", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831944" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12388" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a68p-hcz6-jffj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35116?format=api", "vulnerability_id": "VCID-a6wm-rraf-gbh9", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6831.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6831.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6831", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90946", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90899", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.9091", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90917", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90926", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90924", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90949", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90874", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90879", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90889", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6831" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6423" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6431", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6431" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6432", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6432" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6433" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6442", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6442" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6444", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6444" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6455", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6455" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6465", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6465" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6482" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6485" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6486" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6489", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6489" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6490" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831763", "reference_id": "1831763", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831763" }, { "reference_url": "https://security.archlinux.org/ASA-202005-2", "reference_id": "ASA-202005-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-2" }, { "reference_url": "https://security.archlinux.org/ASA-202005-3", "reference_id": "ASA-202005-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-3" }, { "reference_url": "https://security.archlinux.org/ASA-202005-7", "reference_id": "ASA-202005-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-7" }, { "reference_url": "https://security.archlinux.org/AVG-1148", "reference_id": "AVG-1148", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1148" }, { "reference_url": "https://security.archlinux.org/AVG-1149", "reference_id": "AVG-1149", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1149" }, { "reference_url": "https://security.archlinux.org/AVG-1155", "reference_id": "AVG-1155", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1155" }, { "reference_url": "https://security.gentoo.org/glsa/202005-03", "reference_id": "GLSA-202005-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-03" }, { "reference_url": "https://security.gentoo.org/glsa/202005-04", "reference_id": "GLSA-202005-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18", "reference_id": "mfsa2020-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2031", "reference_id": "RHSA-2020:2031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2032", "reference_id": "RHSA-2020:2032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2033", "reference_id": "RHSA-2020:2033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2036", "reference_id": "RHSA-2020:2036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2037", "reference_id": "RHSA-2020:2037", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2046", "reference_id": "RHSA-2020:2046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2047", "reference_id": "RHSA-2020:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2048", "reference_id": "RHSA-2020:2048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2049", "reference_id": "RHSA-2020:2049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2050", "reference_id": "RHSA-2020:2050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2064", "reference_id": "RHSA-2020:2064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2064" }, { "reference_url": "https://usn.ubuntu.com/4353-1/", "reference_id": "USN-4353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4353-1/" }, { "reference_url": "https://usn.ubuntu.com/4373-1/", "reference_id": "USN-4373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-6831" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a6wm-rraf-gbh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35108?format=api", "vulnerability_id": "VCID-gfdf-pxta-xbg1", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.77003", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.76946", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.76958", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.76985", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.76964", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.7696", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.77001", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.76895", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.76901", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.76932", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00998", "scoring_system": "epss", "scoring_elements": "0.76914", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831761", "reference_id": "1831761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831761" }, { "reference_url": "https://security.archlinux.org/ASA-202005-3", "reference_id": "ASA-202005-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-3" }, { "reference_url": "https://security.archlinux.org/ASA-202005-7", "reference_id": "ASA-202005-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-7" }, { "reference_url": "https://security.archlinux.org/AVG-1148", "reference_id": "AVG-1148", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1148" }, { "reference_url": "https://security.archlinux.org/AVG-1155", "reference_id": "AVG-1155", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1155" }, { "reference_url": "https://security.gentoo.org/glsa/202005-03", "reference_id": "GLSA-202005-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-03" }, { "reference_url": "https://security.gentoo.org/glsa/202005-04", "reference_id": "GLSA-202005-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18", "reference_id": "mfsa2020-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2031", "reference_id": "RHSA-2020:2031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2032", "reference_id": "RHSA-2020:2032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2033", "reference_id": "RHSA-2020:2033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2036", "reference_id": "RHSA-2020:2036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2037", "reference_id": "RHSA-2020:2037", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2046", "reference_id": "RHSA-2020:2046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2047", "reference_id": "RHSA-2020:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2048", "reference_id": "RHSA-2020:2048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2049", "reference_id": "RHSA-2020:2049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2050", "reference_id": "RHSA-2020:2050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2050" }, { "reference_url": "https://usn.ubuntu.com/4353-1/", "reference_id": "USN-4353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4353-1/" }, { "reference_url": "https://usn.ubuntu.com/4373-1/", "reference_id": "USN-4373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12387" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfdf-pxta-xbg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35112?format=api", "vulnerability_id": "VCID-jajw-gyuh-v3dj", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12395.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79573", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79547", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79569", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79553", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79544", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79574", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79496", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79503", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79525", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.79512", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01275", "scoring_system": "epss", "scoring_elements": "0.7954", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831765", "reference_id": "1831765", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831765" }, { "reference_url": "https://security.archlinux.org/ASA-202005-3", "reference_id": "ASA-202005-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-3" }, { "reference_url": "https://security.archlinux.org/ASA-202005-7", "reference_id": "ASA-202005-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-7" }, { "reference_url": "https://security.archlinux.org/AVG-1148", "reference_id": "AVG-1148", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1148" }, { "reference_url": "https://security.archlinux.org/AVG-1155", "reference_id": "AVG-1155", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1155" }, { "reference_url": "https://security.gentoo.org/glsa/202005-03", "reference_id": "GLSA-202005-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-03" }, { "reference_url": "https://security.gentoo.org/glsa/202005-04", "reference_id": "GLSA-202005-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17", "reference_id": "mfsa2020-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18", "reference_id": "mfsa2020-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2031", "reference_id": "RHSA-2020:2031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2032", "reference_id": "RHSA-2020:2032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2033", "reference_id": "RHSA-2020:2033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2036", "reference_id": "RHSA-2020:2036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2037", "reference_id": "RHSA-2020:2037", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2046", "reference_id": "RHSA-2020:2046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2047", "reference_id": "RHSA-2020:2047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2048", "reference_id": "RHSA-2020:2048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2049", "reference_id": "RHSA-2020:2049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2050", "reference_id": "RHSA-2020:2050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2050" }, { "reference_url": "https://usn.ubuntu.com/4353-1/", "reference_id": "USN-4353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4353-1/" }, { "reference_url": "https://usn.ubuntu.com/4373-1/", "reference_id": "USN-4373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12395" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jajw-gyuh-v3dj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63123?format=api", "vulnerability_id": "VCID-v891-36x1-nfcj", "summary": "Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12390.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12390.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12390", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80876", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80971", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80934", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.8097", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80904", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80932", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80941", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80943", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12390" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834686", "reference_id": "1834686", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834686" }, { "reference_url": "https://security.archlinux.org/ASA-202005-3", "reference_id": "ASA-202005-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-3" }, { "reference_url": "https://security.archlinux.org/AVG-1148", "reference_id": "AVG-1148", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1148" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3557", "reference_id": "RHSA-2020:3557", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3557" }, { "reference_url": "https://usn.ubuntu.com/4353-1/", "reference_id": "USN-4353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4353-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12390" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v891-36x1-nfcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63124?format=api", "vulnerability_id": "VCID-x74h-4fwa-jqet", "summary": "Documents formed using data: URLs in an object element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12391.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71898", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71982", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71936", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71978", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71905", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71924", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71935", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71947", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71953", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12391" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834687", "reference_id": "1834687", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834687" }, { "reference_url": "https://security.archlinux.org/ASA-202005-3", "reference_id": "ASA-202005-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-3" }, { "reference_url": "https://security.archlinux.org/AVG-1148", "reference_id": "AVG-1148", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1148" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://usn.ubuntu.com/4353-1/", "reference_id": "USN-4353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4353-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12391" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x74h-4fwa-jqet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35110?format=api", "vulnerability_id": "VCID-xqzs-zt6z-dbew", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12394.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12394.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3539", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35539", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3551", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35549", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35589", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35615", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35497", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35543", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35568", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35578", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35533", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12394" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834688", "reference_id": "1834688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834688" }, { "reference_url": "https://security.archlinux.org/ASA-202005-3", "reference_id": "ASA-202005-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-3" }, { "reference_url": "https://security.archlinux.org/AVG-1148", "reference_id": "AVG-1148", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1148" }, { "reference_url": "https://security.gentoo.org/glsa/202005-04", "reference_id": "GLSA-202005-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16", "reference_id": "mfsa2020-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-16" }, { "reference_url": "https://usn.ubuntu.com/4353-1/", "reference_id": "USN-4353-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4353-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392327?format=api", "purl": "pkg:apk/alpine/librewolf@76.0-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2020-12394" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xqzs-zt6z-dbew" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@76.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community" }