{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","type":"apk","namespace":"alpine","name":"firefox","version":"83.0-r0","qualifiers":{"arch":"armhf","distroversion":"v3.16","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"84.0.1-r0","latest_non_vulnerable_version":"101.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1213?format=json","vulnerability_id":"VCID-2vg4-6ehh-pqe6","summary":"When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code.","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26967"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vg4-6ehh-pqe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1186?format=json","vulnerability_id":"VCID-4r4b-wwe7-wbf1","summary":"Some websites have a feature \"Show Password\" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature, the type of the password field was changed, resulting in a keyboard layout change and the possibility for the software keyboard to remember the typed password.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26965.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26965.json"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898739","reference_id":"1898739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898739"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26965"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4r4b-wwe7-wbf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1206?format=json","vulnerability_id":"VCID-5hkk-dmec-4ke6","summary":"Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors.","references":[{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26952"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hkk-dmec-4ke6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1183?format=json","vulnerability_id":"VCID-5zxg-e17p-7bcs","summary":"If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26960.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26960.json"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898737","reference_id":"1898737","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898737"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26960"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zxg-e17p-7bcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1207?format=json","vulnerability_id":"VCID-fa4z-u58m-cbbe","summary":"When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*","references":[{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26954"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fa4z-u58m-cbbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1180?format=json","vulnerability_id":"VCID-g8w6-c5x8-67d7","summary":"In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26956.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26956.json"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898734","reference_id":"1898734","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898734"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26956"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8w6-c5x8-67d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1209?format=json","vulnerability_id":"VCID-jvaj-w6sz-abd8","summary":"OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*","references":[{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26957"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvaj-w6sz-abd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1187?format=json","vulnerability_id":"VCID-n8c7-72ec-93f7","summary":"Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898740","reference_id":"1898740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898740"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26966"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n8c7-72ec-93f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1179?format=json","vulnerability_id":"VCID-nz6d-g2bq-dud1","summary":"It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26953.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26953.json"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898733","reference_id":"1898733","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898733"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26953"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nz6d-g2bq-dud1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1188?format=json","vulnerability_id":"VCID-p11h-ahac-pyae","summary":"Mozilla developers Steve Fink, Jason Kratzer, Randell Jesup, Christian Holler, and Byron Campen reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26968.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26968.json"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898741","reference_id":"1898741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898741"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26968"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p11h-ahac-pyae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1210?format=json","vulnerability_id":"VCID-qv3r-efx9-s3fd","summary":"Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation.","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26962"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qv3r-efx9-s3fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1212?format=json","vulnerability_id":"VCID-thee-vd9f-7bdq","summary":"If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix domain socket, protected by the Android SELinux policy; however, SELinux was not enforced for versions prior to 6.0. This was fixed by removing the Remote Debugging via USB feature from affected devices.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*","references":[{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108412?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.16&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}],"aliases":["CVE-2020-26964"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-thee-vd9f-7bdq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.16&reponame=community"}