{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","type":"apk","namespace":"alpine","name":"firefox","version":"83.0-r0","qualifiers":{"arch":"armhf","distroversion":"v3.15","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"84.0.1-r0","latest_non_vulnerable_version":"94.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212938?format=json","vulnerability_id":"VCID-1r15-72vs-6kgs","summary":"OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}],"aliases":["CVE-2020-26957"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1r15-72vs-6kgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8327?format=json","vulnerability_id":"VCID-41bm-wexc-gqc5","summary":"","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}],"aliases":["CVE-2020-26962"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41bm-wexc-gqc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8331?format=json","vulnerability_id":"VCID-4kvy-uetc-b7fw","summary":"","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}],"aliases":["CVE-2020-26967"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4kvy-uetc-b7fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8324?format=json","vulnerability_id":"VCID-5b11-fzbu-quf8","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}],"aliases":["CVE-2020-26959"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5b11-fzbu-quf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8328?format=json","vulnerability_id":"VCID-g1gc-bkva-suf6","summary":"","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}],"aliases":["CVE-2020-26963"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g1gc-bkva-suf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8323?format=json","vulnerability_id":"VCID-gemv-gzb6-w3f5","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}],"aliases":["CVE-2020-26958"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gemv-gzb6-w3f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212936?format=json","vulnerability_id":"VCID-r3js-cf5a-p3hp","summary":"When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}],"aliases":["CVE-2020-26954"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r3js-cf5a-p3hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8325?format=json","vulnerability_id":"VCID-vn68-fvs3-zqdq","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121382?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.15&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}],"aliases":["CVE-2020-26960"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vn68-fvs3-zqdq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.15&reponame=community"}