{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","type":"apk","namespace":"alpine","name":"firefox","version":"83.0-r0","qualifiers":{"arch":"armhf","distroversion":"v3.20","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"84.0.1-r0","latest_non_vulnerable_version":"119.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1228?format=json","vulnerability_id":"VCID-3tkk-ke22-3udn","summary":"Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26963","reference_id":"","reference_type":"","scores":[{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45123","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45191","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26963"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26963"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3tkk-ke22-3udn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1195?format=json","vulnerability_id":"VCID-45d6-1r5e-s7aj","summary":"When drawing a transparent image on top of an unknown cross-origin image, the Skia library drawImage function took a variable amount of time depending on the content of the underlying image. This resulted in potential cross-origin information exposure of image content through timing side-channel attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16012.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16012.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16012","reference_id":"","reference_type":"","scores":[{"value":"0.04946","scoring_system":"epss","scoring_elements":"0.89842","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04946","scoring_system":"epss","scoring_elements":"0.89826","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15964","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15964"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15971","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15971"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15972","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15972"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15973","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15973"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15980","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15982","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15982"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15983"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15986","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15986"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16003","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16003"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16026"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16027","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16027"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16028","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16028"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16030","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16030"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16033","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16033"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16037","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16037"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6510","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6510"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6516"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6523","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6523"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6525","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6525"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6527","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6527"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6552"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6563","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6563"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6568","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6568"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6569","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6569"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6570","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6571","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6576"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898732","reference_id":"1898732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898732"},{"reference_url":"https://security.archlinux.org/ASA-202011-11","reference_id":"ASA-202011-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-11"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1277","reference_id":"AVG-1277","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1277"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"},{"reference_url":"https://usn.ubuntu.com/4647-1/","reference_id":"USN-4647-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4647-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-16012"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-45d6-1r5e-s7aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1203?format=json","vulnerability_id":"VCID-6zg2-nngp-37h8","summary":"Some websites have a feature \"Show Password\" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature, the type of the password field was changed, resulting in a keyboard layout change and the possibility for the software keyboard to remember the typed password.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26965.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26965","reference_id":"","reference_type":"","scores":[{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.5805","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898739","reference_id":"1898739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898739"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"},{"reference_url":"https://usn.ubuntu.com/4647-1/","reference_id":"USN-4647-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4647-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26965"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6zg2-nngp-37h8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1224?format=json","vulnerability_id":"VCID-9c6q-f29g-hbdc","summary":"When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26954","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40151","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40234","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26954"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26954"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9c6q-f29g-hbdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1226?format=json","vulnerability_id":"VCID-cepu-vy2k-jfde","summary":"OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26957","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29931","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26957"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26957"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cepu-vy2k-jfde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1223?format=json","vulnerability_id":"VCID-dppt-u86h-7uf9","summary":"Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26952","reference_id":"","reference_type":"","scores":[{"value":"0.00423","scoring_system":"epss","scoring_elements":"0.62426","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00423","scoring_system":"epss","scoring_elements":"0.62473","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26952"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26952"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dppt-u86h-7uf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1227?format=json","vulnerability_id":"VCID-dupb-jn21-c7h5","summary":"Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26962","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34305","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34403","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26962"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26962"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dupb-jn21-c7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1229?format=json","vulnerability_id":"VCID-f7th-s5v6-8fe2","summary":"If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix domain socket, protected by the Android SELinux policy; however, SELinux was not enforced for versions prior to 6.0. This was fixed by removing the Remote Debugging via USB feature from affected devices.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26964","reference_id":"","reference_type":"","scores":[{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47502","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47567","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26964"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26964"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f7th-s5v6-8fe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1198?format=json","vulnerability_id":"VCID-fs96-6a57-dfeq","summary":"Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26958.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26958.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26958","reference_id":"","reference_type":"","scores":[{"value":"0.00661","scoring_system":"epss","scoring_elements":"0.71561","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00661","scoring_system":"epss","scoring_elements":"0.71518","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898735","reference_id":"1898735","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898735"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"},{"reference_url":"https://usn.ubuntu.com/4647-1/","reference_id":"USN-4647-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4647-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26958"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fs96-6a57-dfeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1204?format=json","vulnerability_id":"VCID-jjfz-7dhb-vbc7","summary":"Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26966","reference_id":"","reference_type":"","scores":[{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.5805","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26966"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898740","reference_id":"1898740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898740"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26966"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jjfz-7dhb-vbc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1230?format=json","vulnerability_id":"VCID-mbrb-76qm-qfcp","summary":"When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26967","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40151","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40234","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26967"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26967"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mbrb-76qm-qfcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1200?format=json","vulnerability_id":"VCID-qqa4-zc3k-yqfg","summary":"If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26960.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26960.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26960","reference_id":"","reference_type":"","scores":[{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71653","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71609","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898737","reference_id":"1898737","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898737"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"},{"reference_url":"https://usn.ubuntu.com/4647-1/","reference_id":"USN-4647-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4647-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26960"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqa4-zc3k-yqfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1225?format=json","vulnerability_id":"VCID-v46q-byj5-c3g9","summary":"When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26955","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40151","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40234","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26955"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26955"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v46q-byj5-c3g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1202?format=json","vulnerability_id":"VCID-z7t3-8cc4-aba4","summary":"When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26961.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26961.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26961","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51225","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51164","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26968"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898738","reference_id":"1898738","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898738"},{"reference_url":"https://security.archlinux.org/ASA-202011-12","reference_id":"ASA-202011-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-12"},{"reference_url":"https://security.archlinux.org/AVG-1279","reference_id":"AVG-1279","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1279"},{"reference_url":"https://security.gentoo.org/glsa/202012-03","reference_id":"GLSA-202012-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5231","reference_id":"RHSA-2020:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5232","reference_id":"RHSA-2020:5232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5233","reference_id":"RHSA-2020:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5234","reference_id":"RHSA-2020:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5235","reference_id":"RHSA-2020:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5236","reference_id":"RHSA-2020:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5237","reference_id":"RHSA-2020:5237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5238","reference_id":"RHSA-2020:5238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5239","reference_id":"RHSA-2020:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5240","reference_id":"RHSA-2020:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5257","reference_id":"RHSA-2020:5257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5314","reference_id":"RHSA-2020:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5314"},{"reference_url":"https://usn.ubuntu.com/4637-1/","reference_id":"USN-4637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-1/"},{"reference_url":"https://usn.ubuntu.com/4637-2/","reference_id":"USN-4637-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4637-2/"},{"reference_url":"https://usn.ubuntu.com/4647-1/","reference_id":"USN-4647-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4647-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/308628?format=json","purl":"pkg:apk/alpine/firefox@83.0-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2020-26961"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7t3-8cc4-aba4"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@83.0-r0%3Farch=armhf&distroversion=v3.20&reponame=community"}