Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community

Type apk

Namespace alpine

Name librewolf

Version 74.0-r0

Qualifiers

arch	armhf
distroversion	v3.22
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 74.0.1-r0

Latest_non_vulnerable_version 119.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1a64-m2w1-hkhs

vulnerability_id VCID-1a64-m2w1-hkhs

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6814.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6814.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6814

reference_id

reference_type

scores

value	0.00837
scoring_system	epss
scoring_elements	0.74701
published_at	2026-04-16T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74664
published_at	2026-04-13T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74619
published_at	2026-04-01T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74673
published_at	2026-04-12T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74693
published_at	2026-04-11T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.7467
published_at	2026-04-09T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74655
published_at	2026-04-08T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74624
published_at	2026-04-07T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.7465
published_at	2026-04-04T12:55:00Z

value	0.00837
scoring_system	epss
scoring_elements	0.74623
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6814

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1592078%2C1604847%2C1608256%2C1612636%2C1614339
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1592078%2C1604847%2C1608256%2C1612636%2C1614339

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-09/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-10/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-10/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1812205
reference_id	1812205
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1812205

reference_url	https://security.archlinux.org/ASA-202003-11
reference_id	ASA-202003-11
reference_type
scores
url	https://security.archlinux.org/ASA-202003-11

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url

https://security.archlinux.org/AVG-1115

reference_id

AVG-1115

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
reference_id	cpe:2.3:a:mozilla:firefox_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6814

reference_id

CVE-2020-6814

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6814

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_id

mfsa2020-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_id

mfsa2020-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_url	https://access.redhat.com/errata/RHSA-2020:0815
reference_id	RHSA-2020:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0815

reference_url	https://access.redhat.com/errata/RHSA-2020:0816
reference_id	RHSA-2020:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0816

reference_url	https://access.redhat.com/errata/RHSA-2020:0819
reference_id	RHSA-2020:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0819

reference_url	https://access.redhat.com/errata/RHSA-2020:0820
reference_id	RHSA-2020:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0820

reference_url	https://access.redhat.com/errata/RHSA-2020:0905
reference_id	RHSA-2020:0905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0905

reference_url	https://access.redhat.com/errata/RHSA-2020:0914
reference_id	RHSA-2020:0914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0914

reference_url	https://access.redhat.com/errata/RHSA-2020:0918
reference_id	RHSA-2020:0918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0918

reference_url	https://access.redhat.com/errata/RHSA-2020:0919
reference_id	RHSA-2020:0919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0919

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6814

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1a64-m2w1-hkhs

url VCID-353s-ucdm-z7ck

vulnerability_id VCID-353s-ucdm-z7ck

summary After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6810.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6810.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6810

reference_id

reference_type

scores

value	0.00262
scoring_system	epss
scoring_elements	0.4954
published_at	2026-04-01T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49635
published_at	2026-04-16T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49604
published_at	2026-04-08T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49598
published_at	2026-04-09T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49615
published_at	2026-04-11T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49586
published_at	2026-04-12T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49588
published_at	2026-04-13T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.4957
published_at	2026-04-02T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49597
published_at	2026-04-04T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49549
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6810

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1432856
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1432856

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1829344
reference_id	1829344
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1829344

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6810

reference_id

CVE-2020-6810

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6810

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6810

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-353s-ucdm-z7ck

url VCID-dqm3-dse4-8bap

vulnerability_id VCID-dqm3-dse4-8bap

summary When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6808.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6808.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6808

reference_id

reference_type

scores

value	0.00356
scoring_system	epss
scoring_elements	0.57792
published_at	2026-04-01T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57932
published_at	2026-04-16T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57927
published_at	2026-04-08T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57928
published_at	2026-04-09T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57944
published_at	2026-04-11T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57922
published_at	2026-04-12T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57902
published_at	2026-04-13T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57876
published_at	2026-04-02T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57896
published_at	2026-04-04T12:55:00Z

value	0.00356
scoring_system	epss
scoring_elements	0.57871
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6808

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1247968
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1247968

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1829342
reference_id	1829342
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1829342

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6808

reference_id

CVE-2020-6808

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6808

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6808

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqm3-dse4-8bap

url VCID-jr81-ed7a-aqcp

vulnerability_id VCID-jr81-ed7a-aqcp

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6811.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6811.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6811

reference_id

reference_type

scores

value	0.01843
scoring_system	epss
scoring_elements	0.83002
published_at	2026-04-16T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.82963
published_at	2026-04-13T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.82899
published_at	2026-04-01T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.82967
published_at	2026-04-12T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.82972
published_at	2026-04-11T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.82957
published_at	2026-04-09T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.8295
published_at	2026-04-08T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.82925
published_at	2026-04-07T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.82929
published_at	2026-04-04T12:55:00Z

value	0.01843
scoring_system	epss
scoring_elements	0.82916
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6811

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1607742
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1607742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-09/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-10/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-10/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1812202
reference_id	1812202
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1812202

reference_url	https://security.archlinux.org/ASA-202003-11
reference_id	ASA-202003-11
reference_type
scores
url	https://security.archlinux.org/ASA-202003-11

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url

https://security.archlinux.org/AVG-1115

reference_id

AVG-1115

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
reference_id	cpe:2.3:a:mozilla:firefox_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6811

reference_id

CVE-2020-6811

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6811

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_id

mfsa2020-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_id

mfsa2020-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_url	https://access.redhat.com/errata/RHSA-2020:0815
reference_id	RHSA-2020:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0815

reference_url	https://access.redhat.com/errata/RHSA-2020:0816
reference_id	RHSA-2020:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0816

reference_url	https://access.redhat.com/errata/RHSA-2020:0819
reference_id	RHSA-2020:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0819

reference_url	https://access.redhat.com/errata/RHSA-2020:0820
reference_id	RHSA-2020:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0820

reference_url	https://access.redhat.com/errata/RHSA-2020:0905
reference_id	RHSA-2020:0905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0905

reference_url	https://access.redhat.com/errata/RHSA-2020:0914
reference_id	RHSA-2020:0914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0914

reference_url	https://access.redhat.com/errata/RHSA-2020:0918
reference_id	RHSA-2020:0918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0918

reference_url	https://access.redhat.com/errata/RHSA-2020:0919
reference_id	RHSA-2020:0919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0919

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6811

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jr81-ed7a-aqcp

url VCID-m5h6-y3tw-eue6

vulnerability_id VCID-m5h6-y3tw-eue6

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20503.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20503.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20503

reference_id

reference_type

scores

value	0.02474
scoring_system	epss
scoring_elements	0.85297
published_at	2026-04-16T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.85235
published_at	2026-04-04T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.85237
published_at	2026-04-07T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.85259
published_at	2026-04-08T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.85267
published_at	2026-04-09T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.85282
published_at	2026-04-11T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.8528
published_at	2026-04-12T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.85277
published_at	2026-04-13T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.85205
published_at	2026-04-01T12:55:00Z

value	0.02474
scoring_system	epss
scoring_elements	0.85216
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6422
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6422

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6424
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6424

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6425
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6425

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6426
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6426

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6427
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6427

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6428
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6428

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6429
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6429

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6449
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1812203
reference_id	1812203
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1812203

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953270
reference_id	953270
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953270

reference_url	https://security.archlinux.org/ASA-202003-11
reference_id	ASA-202003-11
reference_type
scores
url	https://security.archlinux.org/ASA-202003-11

reference_url	https://security.archlinux.org/ASA-202003-12
reference_id	ASA-202003-12
reference_type
scores
url	https://security.archlinux.org/ASA-202003-12

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url

https://security.archlinux.org/AVG-1115

reference_id

AVG-1115

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1115

reference_url

https://security.archlinux.org/AVG-1118

reference_id

AVG-1118

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1118

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_id

mfsa2020-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_id

mfsa2020-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_url	https://access.redhat.com/errata/RHSA-2020:0815
reference_id	RHSA-2020:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0815

reference_url	https://access.redhat.com/errata/RHSA-2020:0816
reference_id	RHSA-2020:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0816

reference_url	https://access.redhat.com/errata/RHSA-2020:0819
reference_id	RHSA-2020:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0819

reference_url	https://access.redhat.com/errata/RHSA-2020:0820
reference_id	RHSA-2020:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0820

reference_url	https://access.redhat.com/errata/RHSA-2020:0905
reference_id	RHSA-2020:0905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0905

reference_url	https://access.redhat.com/errata/RHSA-2020:0914
reference_id	RHSA-2020:0914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0914

reference_url	https://access.redhat.com/errata/RHSA-2020:0918
reference_id	RHSA-2020:0918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0918

reference_url	https://access.redhat.com/errata/RHSA-2020:0919
reference_id	RHSA-2020:0919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0919

reference_url	https://access.redhat.com/errata/RHSA-2020:1270
reference_id	RHSA-2020:1270
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1270

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2019-20503

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5h6-y3tw-eue6

url VCID-rap5-qz3f-4yhc

vulnerability_id VCID-rap5-qz3f-4yhc

summary When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6813.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6813.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6813

reference_id

reference_type

scores

value	0.00175
scoring_system	epss
scoring_elements	0.38839
published_at	2026-04-01T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.38984
published_at	2026-04-16T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.38974
published_at	2026-04-08T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.38989
published_at	2026-04-09T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.39001
published_at	2026-04-11T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.38964
published_at	2026-04-12T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.38937
published_at	2026-04-13T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.38972
published_at	2026-04-02T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.38991
published_at	2026-04-04T12:55:00Z

value	0.00175
scoring_system	epss
scoring_elements	0.38921
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6813

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1605814
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1605814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1829345
reference_id	1829345
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1829345

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6813

reference_id

CVE-2020-6813

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6813

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6813

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rap5-qz3f-4yhc

url VCID-t4eb-c363-u7hc

vulnerability_id VCID-t4eb-c363-u7hc

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6805.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6805.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6805

reference_id

reference_type

scores

value	0.00853
scoring_system	epss
scoring_elements	0.74965
published_at	2026-04-16T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74928
published_at	2026-04-13T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74887
published_at	2026-04-01T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74938
published_at	2026-04-12T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74959
published_at	2026-04-11T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74937
published_at	2026-04-09T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74924
published_at	2026-04-08T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74891
published_at	2026-04-07T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74917
published_at	2026-04-04T12:55:00Z

value	0.00853
scoring_system	epss
scoring_elements	0.74889
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6805

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1610880
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1610880

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-09/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-10/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-10/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1812199
reference_id	1812199
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1812199

reference_url	https://security.archlinux.org/ASA-202003-11
reference_id	ASA-202003-11
reference_type
scores
url	https://security.archlinux.org/ASA-202003-11

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url

https://security.archlinux.org/AVG-1115

reference_id

AVG-1115

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
reference_id	cpe:2.3:a:mozilla:firefox_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6805

reference_id

CVE-2020-6805

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6805

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_id

mfsa2020-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_id

mfsa2020-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_url	https://access.redhat.com/errata/RHSA-2020:0815
reference_id	RHSA-2020:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0815

reference_url	https://access.redhat.com/errata/RHSA-2020:0816
reference_id	RHSA-2020:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0816

reference_url	https://access.redhat.com/errata/RHSA-2020:0819
reference_id	RHSA-2020:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0819

reference_url	https://access.redhat.com/errata/RHSA-2020:0820
reference_id	RHSA-2020:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0820

reference_url	https://access.redhat.com/errata/RHSA-2020:0905
reference_id	RHSA-2020:0905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0905

reference_url	https://access.redhat.com/errata/RHSA-2020:0914
reference_id	RHSA-2020:0914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0914

reference_url	https://access.redhat.com/errata/RHSA-2020:0918
reference_id	RHSA-2020:0918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0918

reference_url	https://access.redhat.com/errata/RHSA-2020:0919
reference_id	RHSA-2020:0919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0919

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6805

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4eb-c363-u7hc

url VCID-uddz-7wx8-xfbb

vulnerability_id VCID-uddz-7wx8-xfbb

summary When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6809.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6809.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6809

reference_id

reference_type

scores

value	0.00458
scoring_system	epss
scoring_elements	0.63912
published_at	2026-04-01T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64029
published_at	2026-04-16T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64008
published_at	2026-04-08T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64025
published_at	2026-04-09T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64037
published_at	2026-04-11T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64023
published_at	2026-04-12T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63994
published_at	2026-04-13T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.6397
published_at	2026-04-02T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63998
published_at	2026-04-04T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63958
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6809

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1420296
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1420296

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1829343
reference_id	1829343
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1829343

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6809

reference_id

CVE-2020-6809

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6809

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6809

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uddz-7wx8-xfbb

url VCID-wpm1-y59u-zkgu

vulnerability_id VCID-wpm1-y59u-zkgu

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6807.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6807.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6807

reference_id

reference_type

scores

value	0.00779
scoring_system	epss
scoring_elements	0.73711
published_at	2026-04-16T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73668
published_at	2026-04-13T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73616
published_at	2026-04-01T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73676
published_at	2026-04-12T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73694
published_at	2026-04-11T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73671
published_at	2026-04-09T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73658
published_at	2026-04-08T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73622
published_at	2026-04-07T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73651
published_at	2026-04-04T12:55:00Z

value	0.00779
scoring_system	epss
scoring_elements	0.73627
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6807

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1614971
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1614971

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-09/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-10/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-10/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1812201
reference_id	1812201
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1812201

reference_url	https://security.archlinux.org/ASA-202003-11
reference_id	ASA-202003-11
reference_type
scores
url	https://security.archlinux.org/ASA-202003-11

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url

https://security.archlinux.org/AVG-1115

reference_id

AVG-1115

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
reference_id	cpe:2.3:a:mozilla:firefox_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6807

reference_id

CVE-2020-6807

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6807

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_id

mfsa2020-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_id

mfsa2020-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_url	https://access.redhat.com/errata/RHSA-2020:0815
reference_id	RHSA-2020:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0815

reference_url	https://access.redhat.com/errata/RHSA-2020:0816
reference_id	RHSA-2020:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0816

reference_url	https://access.redhat.com/errata/RHSA-2020:0819
reference_id	RHSA-2020:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0819

reference_url	https://access.redhat.com/errata/RHSA-2020:0820
reference_id	RHSA-2020:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0820

reference_url	https://access.redhat.com/errata/RHSA-2020:0905
reference_id	RHSA-2020:0905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0905

reference_url	https://access.redhat.com/errata/RHSA-2020:0914
reference_id	RHSA-2020:0914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0914

reference_url	https://access.redhat.com/errata/RHSA-2020:0918
reference_id	RHSA-2020:0918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0918

reference_url	https://access.redhat.com/errata/RHSA-2020:0919
reference_id	RHSA-2020:0919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0919

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6807

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wpm1-y59u-zkgu

url VCID-x4vq-y6b6-dqf6

vulnerability_id VCID-x4vq-y6b6-dqf6

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could result in the arbitrary execution of code.

references

reference_url	http://packetstormsecurity.com/files/157524/Firefox-js-ReadableStreamCloseInternal-Out-Of-Bounds-Access.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/157524/Firefox-js-ReadableStreamCloseInternal-Out-Of-Bounds-Access.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6806.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6806.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6806

reference_id

reference_type

scores

value	0.03504
scoring_system	epss
scoring_elements	0.87628
published_at	2026-04-16T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.87614
published_at	2026-04-13T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.87559
published_at	2026-04-01T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.87617
published_at	2026-04-12T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.87622
published_at	2026-04-11T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.8761
published_at	2026-04-09T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.87604
published_at	2026-04-08T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.87585
published_at	2026-04-07T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.87582
published_at	2026-04-04T12:55:00Z

value	0.03504
scoring_system	epss
scoring_elements	0.87569
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6806

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1612308
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1612308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-09/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-10/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-10/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1812200
reference_id	1812200
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1812200

reference_url	https://security.archlinux.org/ASA-202003-11
reference_id	ASA-202003-11
reference_type
scores
url	https://security.archlinux.org/ASA-202003-11

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url

https://security.archlinux.org/AVG-1115

reference_id

AVG-1115

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
reference_id	cpe:2.3:a:mozilla:firefox_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6806

reference_id

CVE-2020-6806

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6806

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_id

mfsa2020-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_id

mfsa2020-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_url	https://access.redhat.com/errata/RHSA-2020:0815
reference_id	RHSA-2020:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0815

reference_url	https://access.redhat.com/errata/RHSA-2020:0816
reference_id	RHSA-2020:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0816

reference_url	https://access.redhat.com/errata/RHSA-2020:0819
reference_id	RHSA-2020:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0819

reference_url	https://access.redhat.com/errata/RHSA-2020:0820
reference_id	RHSA-2020:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0820

reference_url	https://access.redhat.com/errata/RHSA-2020:0905
reference_id	RHSA-2020:0905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0905

reference_url	https://access.redhat.com/errata/RHSA-2020:0914
reference_id	RHSA-2020:0914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0914

reference_url	https://access.redhat.com/errata/RHSA-2020:0918
reference_id	RHSA-2020:0918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0918

reference_url	https://access.redhat.com/errata/RHSA-2020:0919
reference_id	RHSA-2020:0919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0919

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6806

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4vq-y6b6-dqf6

url VCID-yr3c-1cqv-n3bw

vulnerability_id VCID-yr3c-1cqv-n3bw

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6812.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6812.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6812

reference_id

reference_type

scores

value	0.00581
scoring_system	epss
scoring_elements	0.68949
published_at	2026-04-16T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68908
published_at	2026-04-13T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68842
published_at	2026-04-01T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68937
published_at	2026-04-12T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68951
published_at	2026-04-11T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68929
published_at	2026-04-09T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.6891
published_at	2026-04-08T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.6886
published_at	2026-04-07T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.6888
published_at	2026-04-04T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68859
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6812

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1616661
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1616661

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-09/

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-10/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-10/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1812204
reference_id	1812204
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1812204

reference_url	https://security.archlinux.org/ASA-202003-11
reference_id	ASA-202003-11
reference_type
scores
url	https://security.archlinux.org/ASA-202003-11

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url

https://security.archlinux.org/AVG-1115

reference_id

AVG-1115

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
reference_id	cpe:2.3:a:mozilla:firefox_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6812

reference_id

CVE-2020-6812

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6812

reference_url	https://security.gentoo.org/glsa/202003-02
reference_id	GLSA-202003-02
reference_type
scores
url	https://security.gentoo.org/glsa/202003-02

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_id

mfsa2020-09

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-09

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_id

mfsa2020-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-10

reference_url	https://access.redhat.com/errata/RHSA-2020:0815
reference_id	RHSA-2020:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0815

reference_url	https://access.redhat.com/errata/RHSA-2020:0816
reference_id	RHSA-2020:0816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0816

reference_url	https://access.redhat.com/errata/RHSA-2020:0819
reference_id	RHSA-2020:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0819

reference_url	https://access.redhat.com/errata/RHSA-2020:0820
reference_id	RHSA-2020:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0820

reference_url	https://access.redhat.com/errata/RHSA-2020:0905
reference_id	RHSA-2020:0905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0905

reference_url	https://access.redhat.com/errata/RHSA-2020:0914
reference_id	RHSA-2020:0914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0914

reference_url	https://access.redhat.com/errata/RHSA-2020:0918
reference_id	RHSA-2020:0918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0918

reference_url	https://access.redhat.com/errata/RHSA-2020:0919
reference_id	RHSA-2020:0919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0919

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

reference_url	https://usn.ubuntu.com/4328-1/
reference_id	USN-4328-1
reference_type
scores
url	https://usn.ubuntu.com/4328-1/

reference_url	https://usn.ubuntu.com/4335-1/
reference_id	USN-4335-1
reference_type
scores
url	https://usn.ubuntu.com/4335-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6812

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yr3c-1cqv-n3bw

url VCID-yu6u-82qg-mqft

vulnerability_id VCID-yu6u-82qg-mqft

summary Mozilla developers Jason Kratzer, Boris Zbarsky, Tyson Smith, and Alexandru Michis reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6815.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6815.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6815

reference_id

reference_type

scores

value	0.00453
scoring_system	epss
scoring_elements	0.63692
published_at	2026-04-01T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63808
published_at	2026-04-16T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63737
published_at	2026-04-07T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63789
published_at	2026-04-08T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63806
published_at	2026-04-09T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63819
published_at	2026-04-11T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63805
published_at	2026-04-12T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63772
published_at	2026-04-13T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63753
published_at	2026-04-02T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63778
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6815

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1181957%2C1557732%2C1557739%2C1611457%2C1612431
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1181957%2C1557732%2C1557739%2C1611457%2C1612431

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2020-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2020-08/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1829346
reference_id	1829346
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1829346

reference_url	https://security.archlinux.org/ASA-202003-8
reference_id	ASA-202003-8
reference_type
scores
url	https://security.archlinux.org/ASA-202003-8

reference_url	https://security.archlinux.org/ASA-202004-12
reference_id	ASA-202004-12
reference_type
scores
url	https://security.archlinux.org/ASA-202004-12

reference_url

https://security.archlinux.org/AVG-1112

reference_id

AVG-1112

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1112

reference_url

https://security.archlinux.org/AVG-1132

reference_id

AVG-1132

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1132

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-6815

reference_id

CVE-2020-6815

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2020-6815

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_id

mfsa2020-08

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2020-08

reference_url	https://usn.ubuntu.com/4299-1/
reference_id	USN-4299-1
reference_type
scores
url	https://usn.ubuntu.com/4299-1/

fixed_packages

url	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/librewolf@74.0-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

aliases CVE-2020-6815

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yu6u-82qg-mqft

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/librewolf@74.0-r0%3Farch=armhf&distroversion=v3.22&reponame=community

Package Instance