{"url":"http://public2.vulnerablecode.io/api/packages/102431?format=json","purl":"pkg:rpm/redhat/firefox@78.2.0-3?arch=el8_1","type":"rpm","namespace":"redhat","name":"firefox","version":"78.2.0-3","qualifiers":{"arch":"el8_1"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63184?format=json","vulnerability_id":"VCID-28dd-azvp-pkeu","summary":"Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15648.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15648.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15648","reference_id":"","reference_type":"","scores":[{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54788","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.5468","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54733","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54694","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54615","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54686","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54708","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54677","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.5473","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54726","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54739","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54722","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54701","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54741","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54721","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54693","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54712","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.5469","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54637","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15648"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872537","reference_id":"1872537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872537"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-28","reference_id":"mfsa2020-28","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-29","reference_id":"mfsa2020-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4080","reference_id":"RHSA-2020:4080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4080"}],"fixed_packages":[],"aliases":["CVE-2020-15648"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-28dd-azvp-pkeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47901?format=json","vulnerability_id":"VCID-3ux5-gp3e-2udq","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Mozilla Thunderbird, the worst of which could result in the arbitrary\n    execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15669.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15669.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15669","reference_id":"","reference_type":"","scores":[{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63867","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63788","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63814","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63617","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63676","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63702","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63663","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63714","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63731","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63745","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63732","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63742","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63728","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63746","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.6376","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63757","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63729","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63772","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63822","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15669"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872532","reference_id":"1872532","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872532"},{"reference_url":"https://security.gentoo.org/glsa/202008-16","reference_id":"GLSA-202008-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-37","reference_id":"mfsa2020-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-37"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-40","reference_id":"mfsa2020-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-40"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3556","reference_id":"RHSA-2020:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3558","reference_id":"RHSA-2020:3558","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3631","reference_id":"RHSA-2020:3631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3632","reference_id":"RHSA-2020:3632","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3632"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3633","reference_id":"RHSA-2020:3633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3634","reference_id":"RHSA-2020:3634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3643","reference_id":"RHSA-2020:3643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3643"}],"fixed_packages":[],"aliases":["CVE-2020-15669"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ux5-gp3e-2udq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63140?format=json","vulnerability_id":"VCID-6h7s-a74e-33c1","summary":"Mozilla developer Anne van Kesteren discovered that <iframe sandbox> with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15653.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15653.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15653","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51881","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51808","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5177","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51719","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51771","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51776","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51801","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51724","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51773","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51799","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51759","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51814","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51862","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51842","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51827","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51869","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51876","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51858","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15653"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861645","reference_id":"1861645","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861645"},{"reference_url":"https://security.archlinux.org/AVG-1213","reference_id":"AVG-1213","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1213"},{"reference_url":"https://security.archlinux.org/AVG-1214","reference_id":"AVG-1214","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1214"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-30","reference_id":"mfsa2020-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-30"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-32","reference_id":"mfsa2020-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-32"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-33","reference_id":"mfsa2020-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-33"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4080","reference_id":"RHSA-2020:4080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4080"},{"reference_url":"https://usn.ubuntu.com/4443-1/","reference_id":"USN-4443-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4443-1/"}],"fixed_packages":[],"aliases":["CVE-2020-15653"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h7s-a74e-33c1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63144?format=json","vulnerability_id":"VCID-9tc4-qr6d-6kfu","summary":"When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15654.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15654","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65769","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65654","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.6563","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65679","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65723","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65694","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65712","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65513","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65562","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65592","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65558","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65611","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65623","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65642","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65627","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65599","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65634","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65629","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65644","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65655","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15654"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861649","reference_id":"1861649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861649"},{"reference_url":"https://security.archlinux.org/AVG-1213","reference_id":"AVG-1213","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1213"},{"reference_url":"https://security.archlinux.org/AVG-1214","reference_id":"AVG-1214","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1214"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-30","reference_id":"mfsa2020-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-30"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-32","reference_id":"mfsa2020-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-32"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-33","reference_id":"mfsa2020-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-33"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4080","reference_id":"RHSA-2020:4080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4080"},{"reference_url":"https://usn.ubuntu.com/4443-1/","reference_id":"USN-4443-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4443-1/"}],"fixed_packages":[],"aliases":["CVE-2020-15654"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tc4-qr6d-6kfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33651?format=json","vulnerability_id":"VCID-g3mn-nhq4-zbhv","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12424.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12424.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12424","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36501","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36405","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36427","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36841","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36998","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.37032","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36861","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36912","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36927","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36935","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36875","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.3692","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36903","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36845","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36626","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36594","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36507","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36391","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36463","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.3649","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12424"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872539","reference_id":"1872539","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872539"},{"reference_url":"https://security.gentoo.org/glsa/202007-10","reference_id":"GLSA-202007-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-24","reference_id":"mfsa2020-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-29","reference_id":"mfsa2020-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4080","reference_id":"RHSA-2020:4080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4080"},{"reference_url":"https://usn.ubuntu.com/4408-1/","reference_id":"USN-4408-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4408-1/"}],"fixed_packages":[],"aliases":["CVE-2020-12424"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3mn-nhq4-zbhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63141?format=json","vulnerability_id":"VCID-h4r6-jrxh-6kcf","summary":"JIT optimizations involving the Javascript arguments object could confuse later optimizations.\nThis risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15656.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15656.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15656","reference_id":"","reference_type":"","scores":[{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.72083","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71976","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71969","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.72004","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.72034","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71998","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.72025","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71858","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71867","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71886","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71859","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71897","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71908","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71932","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71915","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71898","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.7194","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71944","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71929","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71973","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00695","scoring_system":"epss","scoring_elements":"0.71979","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15656"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861646","reference_id":"1861646","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861646"},{"reference_url":"https://security.archlinux.org/AVG-1213","reference_id":"AVG-1213","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1213"},{"reference_url":"https://security.archlinux.org/AVG-1214","reference_id":"AVG-1214","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1214"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-30","reference_id":"mfsa2020-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-30"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-32","reference_id":"mfsa2020-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-32"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-33","reference_id":"mfsa2020-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-33"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4080","reference_id":"RHSA-2020:4080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4080"},{"reference_url":"https://usn.ubuntu.com/4443-1/","reference_id":"USN-4443-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4443-1/"}],"fixed_packages":[],"aliases":["CVE-2020-15656"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4r6-jrxh-6kcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47900?format=json","vulnerability_id":"VCID-jtsz-m5jr-ebdc","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Mozilla Thunderbird, the worst of which could result in the arbitrary\n    execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15664.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15664.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15664","reference_id":"","reference_type":"","scores":[{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.59006","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58923","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.589","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58883","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58894","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58952","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58907","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58935","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58781","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58878","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58846","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58899","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58905","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58922","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58904","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58885","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58918","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15669"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872531","reference_id":"1872531","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872531"},{"reference_url":"https://security.gentoo.org/glsa/202008-16","reference_id":"GLSA-202008-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-36","reference_id":"mfsa2020-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-36"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-37","reference_id":"mfsa2020-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-37"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-38","reference_id":"mfsa2020-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-38"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-39","reference_id":"mfsa2020-39","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-39"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-40","reference_id":"mfsa2020-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-40"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-41","reference_id":"mfsa2020-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-41"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3556","reference_id":"RHSA-2020:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3558","reference_id":"RHSA-2020:3558","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3631","reference_id":"RHSA-2020:3631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3632","reference_id":"RHSA-2020:3632","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3632"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3633","reference_id":"RHSA-2020:3633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3634","reference_id":"RHSA-2020:3634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3643","reference_id":"RHSA-2020:3643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3643"},{"reference_url":"https://usn.ubuntu.com/4474-1/","reference_id":"USN-4474-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4474-1/"}],"fixed_packages":[],"aliases":["CVE-2020-15664"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jtsz-m5jr-ebdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33652?format=json","vulnerability_id":"VCID-p6nb-kyzu-bbdf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12425.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12425.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12425","reference_id":"","reference_type":"","scores":[{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67703","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67618","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67644","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67459","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67495","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67516","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67494","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67545","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.6756","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67583","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67569","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67535","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67571","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67584","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67562","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67582","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67592","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67594","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67567","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67611","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67647","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12425"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872540","reference_id":"1872540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872540"},{"reference_url":"https://security.gentoo.org/glsa/202007-10","reference_id":"GLSA-202007-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-24","reference_id":"mfsa2020-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-29","reference_id":"mfsa2020-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4080","reference_id":"RHSA-2020:4080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4080"},{"reference_url":"https://usn.ubuntu.com/4408-1/","reference_id":"USN-4408-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4408-1/"}],"fixed_packages":[],"aliases":["CVE-2020-12425"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p6nb-kyzu-bbdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63142?format=json","vulnerability_id":"VCID-qhwf-9n5n-hbaa","summary":"The code for downloading files did not properly take care of special characters,\nwhich led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15658.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15658","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65769","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65654","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.6563","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65679","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65723","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65694","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65712","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65513","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65562","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65592","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65558","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65611","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65623","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65642","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65627","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65599","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65634","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65629","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65644","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65655","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15658"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861647","reference_id":"1861647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1861647"},{"reference_url":"https://security.archlinux.org/AVG-1213","reference_id":"AVG-1213","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1213"},{"reference_url":"https://security.archlinux.org/AVG-1214","reference_id":"AVG-1214","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1214"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-30","reference_id":"mfsa2020-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-30"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-32","reference_id":"mfsa2020-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-32"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-33","reference_id":"mfsa2020-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-33"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4080","reference_id":"RHSA-2020:4080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4080"},{"reference_url":"https://usn.ubuntu.com/4443-1/","reference_id":"USN-4443-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4443-1/"}],"fixed_packages":[],"aliases":["CVE-2020-15658"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qhwf-9n5n-hbaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33650?format=json","vulnerability_id":"VCID-w9xm-y9fr-wyh7","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12422.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12422.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12422","reference_id":"","reference_type":"","scores":[{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.70098","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.70022","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.70049","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69845","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69858","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69873","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.6985","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69898","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69914","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69922","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69908","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69951","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69961","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69943","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69994","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.70002","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.70003","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.69979","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.70021","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00616","scoring_system":"epss","scoring_elements":"0.70052","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12422"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872538","reference_id":"1872538","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872538"},{"reference_url":"https://security.gentoo.org/glsa/202007-10","reference_id":"GLSA-202007-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-24","reference_id":"mfsa2020-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-29","reference_id":"mfsa2020-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3555","reference_id":"RHSA-2020:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3557","reference_id":"RHSA-2020:3557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3559","reference_id":"RHSA-2020:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4080","reference_id":"RHSA-2020:4080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4080"},{"reference_url":"https://usn.ubuntu.com/4408-1/","reference_id":"USN-4408-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4408-1/"}],"fixed_packages":[],"aliases":["CVE-2020-12422"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9xm-y9fr-wyh7"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@78.2.0-3%3Farch=el8_1"}